Apple Watchos 9 vulnerabilities

CVE-2022-32883 [MEDIUM] CVE-2022-32883: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32883 Component: Maps Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved restrictions.

CVE-2022-32854 [MEDIUM] CVE-2022-32854: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32854 Component: Contacts Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed with improved checks.

CVE-2022-32858 [MEDIUM] CVE-2022-32858: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32858 Impact: An app may be able to leak sensitive kernel state Description: The issue was addressed with improved memory handling.

CVE-2022-32864 [MEDIUM] CVE-2022-32864: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32864 Component: Kernel Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling.

CVE-2022-32881 [MEDIUM] CVE-2022-32881: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32881 Component: Sandbox Impact: An app may be able to modify protected parts of the file system Description: A logic issue was addressed with improved restrictions.

CVE-2022-32875 [MEDIUM] CVE-2022-32875: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32875 Component: Weather Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved state management.

CVE-2022-32891 [MEDIUM] CVE-2022-32891: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32891 Component: WebKit Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: The issue was addressed with improved UI handling.

CVE-2022-32913 [LOW] CVE-2022-32913: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32913 Component: Image Processing Impact: A sandboxed app may be able to determine which app is currently using the camera Description: The issue was addressed with additional restrictions on the observability of app states.

CVE-2022-32879 [LOW] CVE-2022-32879: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32879 Component: Notifications Impact: A user with physical access to a device may be able to access contacts from the lock screen Description: A logic issue was addressed with improved state management.

CVE-2022-32870 [LOW] CVE-2022-32870: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32870 Component: Siri Impact: A user with physical access to a device may be able to use Siri to obtain some call history information Description: A logic issue was addressed with improved state management.

CVE-2022-32835 [LOW] CVE-2022-32835: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32835 Component: Watch app Impact: An app may be able to read a persistent device identifier Description: This issue was addressed with improved entitlements.