6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
0.015 Low
EPSS
Percentile
87.1%
The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.5. It is, therefore, affected by multiple vulnerabilities:
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges (CVE-2022-42858)
The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges. (CVE-2022-32815, CVE-2022-32832)
A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. A remote user may be able to cause kernel code execution. (CVE-2022-32788)
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.5. An app may be able to access user-sensitive data. (CVE-2022-32880)
An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges. (CVE-2022-32826)
An integer overflow was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.
(CVE-2022-42805)
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.
(CVE-2022-32948)
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to execute arbitrary code with kernel privileges.
(CVE-2022-32810)
This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to execute arbitrary code with kernel privileges.
(CVE-2022-32840)
This issue was addressed with improved checks. This issue is fixed in watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to break out of its sandbox. (CVE-2022-32845)
This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory. (CVE-2022-32797)
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory. (CVE-2022-32851, CVE-2022-32853)
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory. (CVE-2022-32852)
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory. (CVE-2022-32831)
A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5, Security Update 2022-005 Catalina. An archive may be able to bypass Gatekeeper.
(CVE-2022-32910)
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges. (CVE-2022-32820)
The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory. (CVE-2022-32825)
A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5. An app may be able to bypass Privacy preferences. (CVE-2022-32789)
The issue was addressed with improved handling of caches. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to access sensitive user information. (CVE-2022-32805)
The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, tvOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory. (CVE-2022-32828)
The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A remote user may cause an unexpected app termination or arbitrary code execution. (CVE-2022-32839)
A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges. (CVE-2022-32819)
Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory. (CVE-2022-32793)
A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. (CVE-2022-32821)
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to access sensitive user information. (CVE-2022-32849)
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. Processing maliciously crafted web content may lead to arbitrary code execution.
(CVE-2022-32787)
A logic issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, tvOS 15.6, macOS Monterey 12.5. Processing a maliciously crafted file may lead to arbitrary code execution.
(CVE-2022-32802)
The issue was addressed with improved memory handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Processing a maliciously crafted image may result in disclosure of process memory. (CVE-2022-32841)
A null pointer dereference was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing an image may lead to a denial-of-service. (CVE-2022-32785)
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges. (CVE-2022-32811)
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges. (CVE-2022-32812)
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution. (CVE-2022-48503)
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. An app with root privileges may be able to execute arbitrary code with kernel privileges. (CVE-2022-32813)
An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory. (CVE-2022-32817)
This issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. (CVE-2022-32829)
Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c). (CVE-2022-26981)
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to leak sensitive user information. (CVE-2022-32823)
A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. (CVE-2022-32814)
An issue in the handling of environment variables was addressed with improved validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of the file system. (CVE-2022-32786)
This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of the file system. (CVE-2022-32800)
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6. An app may be able to read arbitrary files. (CVE-2022-32838)
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory. (CVE-2022-32843)
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none. (CVE-2022-46708)
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. (CVE-2022-32796)
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Monterey 12.5. An app may be able to gain elevated privileges.
(CVE-2022-32842)
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.5. An app may be able to gain elevated privileges. (CVE-2022-32798)
An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Monterey 12.5. A user in a privileged network position may be able to leak sensitive information. (CVE-2022-32799)
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5. An app may be able to leak sensitive kernel state. (CVE-2022-32818)
This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A user in a privileged network position can track a user’s activity.
(CVE-2022-32857)
This issue was addressed with improved file handling. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to overwrite arbitrary files.
(CVE-2022-32807)
This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5. An app may be able to gain root privileges. (CVE-2022-32801)
Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal ‘copyfrom’ paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to the copy can see the ‘copyfrom’ path of the original. This also reveals the fact that the node was copied. Only the ‘copyfrom’ path is revealed; not its contents. Both httpd and svnserve servers are vulnerable. (CVE-2021-28544)
Subversion’s mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected. (CVE-2022-24070)
Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags (and more) parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. (CVE-2022-29046)
A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier allows attackers to connect to an attacker-specified URL. (CVE-2022-29048)
An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to access sensitive user information. (CVE-2022-32834)
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2022-32885)
A logic issue was addressed with improved state management. This issue is fixed in Safari 15.6, macOS Monterey 12.5. A user may be tracked through their IP address. (CVE-2022-32861)
A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 15.6, macOS Monterey 12.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32863)
The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI spoofing. (CVE-2022-32816)
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32792)
Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-2294)
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, macOS Big Sur 11.6.8. An app may be able to execute arbitrary code with kernel privileges. (CVE-2022-32860)
This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to cause unexpected system termination or write kernel memory.
(CVE-2022-32837)
This issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. A remote user may be able to cause unexpected system termination or corrupt kernel memory. (CVE-2022-32847)
A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to capture a user’s screen. (CVE-2022-32848)
An out-of-bounds read was addressed with improved bounds checking. (CVE-2022-48578)
A memory corruption issue was addressed with improved validation. (CVE-2022-32897)
webkitgtk: A website may able to track visited websites in private browsing (CVE-2022-32933)
Note that Nessus has not tested for these issues but has instead relied only on the operating system’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(164291);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/05");
script_cve_id(
"CVE-2021-28544",
"CVE-2022-2294",
"CVE-2022-24070",
"CVE-2022-26981",
"CVE-2022-29046",
"CVE-2022-29048",
"CVE-2022-32785",
"CVE-2022-32786",
"CVE-2022-32787",
"CVE-2022-32788",
"CVE-2022-32789",
"CVE-2022-32792",
"CVE-2022-32793",
"CVE-2022-32796",
"CVE-2022-32797",
"CVE-2022-32798",
"CVE-2022-32799",
"CVE-2022-32800",
"CVE-2022-32801",
"CVE-2022-32802",
"CVE-2022-32805",
"CVE-2022-32807",
"CVE-2022-32810",
"CVE-2022-32811",
"CVE-2022-32812",
"CVE-2022-32813",
"CVE-2022-32814",
"CVE-2022-32815",
"CVE-2022-32816",
"CVE-2022-32817",
"CVE-2022-32818",
"CVE-2022-32819",
"CVE-2022-32820",
"CVE-2022-32821",
"CVE-2022-32823",
"CVE-2022-32825",
"CVE-2022-32826",
"CVE-2022-32828",
"CVE-2022-32829",
"CVE-2022-32831",
"CVE-2022-32832",
"CVE-2022-32834",
"CVE-2022-32837",
"CVE-2022-32838",
"CVE-2022-32839",
"CVE-2022-32840",
"CVE-2022-32841",
"CVE-2022-32842",
"CVE-2022-32843",
"CVE-2022-32845",
"CVE-2022-32847",
"CVE-2022-32848",
"CVE-2022-32849",
"CVE-2022-32851",
"CVE-2022-32852",
"CVE-2022-32853",
"CVE-2022-32857",
"CVE-2022-32860",
"CVE-2022-32861",
"CVE-2022-32863",
"CVE-2022-32880",
"CVE-2022-32885",
"CVE-2022-32897",
"CVE-2022-32910",
"CVE-2022-32933",
"CVE-2022-32948",
"CVE-2022-42805",
"CVE-2022-42858",
"CVE-2022-46708",
"CVE-2022-48503",
"CVE-2022-48578"
);
script_xref(name:"APPLE-SA", value:"HT213345");
script_xref(name:"APPLE-SA", value:"APPLE-SA-2022-07-20");
script_xref(name:"IAVA", value:"2022-A-0295-S");
script_xref(name:"IAVA", value:"2022-A-0442-S");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/09/15");
script_name(english:"macOS 12.x < 12.5 Multiple Vulnerabilities (HT213345)");
script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a macOS update that fixes multiple vulnerabilities");
script_set_attribute(attribute:"description", value:
"The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.5. It is, therefore, affected by
multiple vulnerabilities:
- A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS
Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges (CVE-2022-42858)
- The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6,
macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An
app with root privileges may be able to execute arbitrary code with kernel privileges. (CVE-2022-32815,
CVE-2022-32832)
- A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, tvOS
15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. A remote user may be able to cause kernel code
execution. (CVE-2022-32788)
- This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.5. An app
may be able to access user-sensitive data. (CVE-2022-32880)
- An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.6 and
iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005
Catalina. An app may be able to gain root privileges. (CVE-2022-32826)
- An integer overflow was addressed with improved input validation. This issue is fixed in iOS 15.6 and
iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.
(CVE-2022-42805)
- An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and
iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.
(CVE-2022-32948)
- The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, watchOS
8.7, iOS 15.6 and iPadOS 15.6. An app may be able to execute arbitrary code with kernel privileges.
(CVE-2022-32810)
- This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, watchOS 8.7,
iOS 15.6 and iPadOS 15.6. An app may be able to execute arbitrary code with kernel privileges.
(CVE-2022-32840)
- This issue was addressed with improved checks. This issue is fixed in watchOS 8.7, iOS 15.6 and iPadOS
15.6, macOS Monterey 12.5. An app may be able to break out of its sandbox. (CVE-2022-32845)
- This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina,
macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result
in unexpected termination or disclosure of process memory. (CVE-2022-32797)
- An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security
Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted
AppleScript binary may result in unexpected termination or disclosure of process memory. (CVE-2022-32851,
CVE-2022-32853)
- An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS
Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or
disclosure of process memory. (CVE-2022-32852)
- An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Security Update
2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript
binary may result in unexpected termination or disclosure of process memory. (CVE-2022-32831)
- A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS
Monterey 12.5, Security Update 2022-005 Catalina. An archive may be able to bypass Gatekeeper.
(CVE-2022-32910)
- An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6
and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update
2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges. (CVE-2022-32820)
- The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6,
macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel
memory. (CVE-2022-32825)
- A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5. An app may
be able to bypass Privacy preferences. (CVE-2022-32789)
- The issue was addressed with improved handling of caches. This issue is fixed in Security Update 2022-005
Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to access sensitive user
information. (CVE-2022-32805)
- The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6,
tvOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory. (CVE-2022-32828)
- The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.5, macOS Big
Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A remote
user may cause an unexpected app termination or arbitrary code execution. (CVE-2022-32839)
- A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS
15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005
Catalina. An app may be able to gain root privileges. (CVE-2022-32819)
- Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in
macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to disclose
kernel memory. (CVE-2022-32793)
- A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.7, tvOS
15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with
kernel privileges. (CVE-2022-32821)
- An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS
15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005
Catalina. An app may be able to access sensitive user information. (CVE-2022-32849)
- An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6
and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update
2022-005 Catalina. Processing maliciously crafted web content may lead to arbitrary code execution.
(CVE-2022-32787)
- A logic issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, tvOS
15.6, macOS Monterey 12.5. Processing a maliciously crafted file may lead to arbitrary code execution.
(CVE-2022-32802)
- The issue was addressed with improved memory handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS
15.6 and iPadOS 15.6, macOS Monterey 12.5. Processing a maliciously crafted image may result in disclosure
of process memory. (CVE-2022-32841)
- A null pointer dereference was addressed with improved validation. This issue is fixed in iOS 15.6 and
iPadOS 15.6, Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing an
image may lead to a denial-of-service. (CVE-2022-32785)
- A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS
Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute
arbitrary code with kernel privileges. (CVE-2022-32811)
- The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS
Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with
kernel privileges. (CVE-2022-32812)
- The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS
15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code
execution. (CVE-2022-48503)
- The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS
Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. An
app with root privileges may be able to execute arbitrary code with kernel privileges. (CVE-2022-32813)
- An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in watchOS
8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel
memory. (CVE-2022-32817)
- This issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS
Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. (CVE-2022-32829)
- Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called,
indirectly, by tools/lou_checktable.c). (CVE-2022-26981)
- A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 15.6
and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update
2022-005 Catalina. An app may be able to leak sensitive user information. (CVE-2022-32823)
- A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 8.7,
tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code
with kernel privileges. (CVE-2022-32814)
- An issue in the handling of environment variables was addressed with improved validation. This issue is
fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able
to modify protected parts of the file system. (CVE-2022-32786)
- This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina,
macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of the file
system. (CVE-2022-32800)
- A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.5,
macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6. An app may be able to
read arbitrary files. (CVE-2022-32838)
- An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security
Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted
Postscript file may result in unexpected app termination or disclosure of process memory. (CVE-2022-32843)
- Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA
pool that was not assigned to any issues during 2022. Notes: none. (CVE-2022-46708)
- A memory corruption issue was addressed with improved state management. This issue is fixed in macOS
Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. (CVE-2022-32796)
- An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security
Update 2022-005 Catalina, macOS Monterey 12.5. An app may be able to gain elevated privileges.
(CVE-2022-32842)
- An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS
Monterey 12.5. An app may be able to gain elevated privileges. (CVE-2022-32798)
- An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in Security
Update 2022-005 Catalina, macOS Monterey 12.5. A user in a privileged network position may be able to leak
sensitive information. (CVE-2022-32799)
- The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5. An app
may be able to leak sensitive kernel state. (CVE-2022-32818)
- This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in
macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6,
tvOS 15.6, watchOS 8.7. A user in a privileged network position can track a user's activity.
(CVE-2022-32857)
- This issue was addressed with improved file handling. This issue is fixed in Security Update 2022-005
Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to overwrite arbitrary files.
(CVE-2022-32807)
- This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5. An app may be
able to gain root privileges. (CVE-2022-32801)
- Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths
that should be hidden according to configured path-based authorization (authz) rules. When a node has been
copied from a protected location, users with access to the copy can see the 'copyfrom' path of the
original. This also reveals the fact that the node was copied. Only the 'copyfrom' path is revealed; not
its contents. Both httpd and svnserve servers are vulnerable. (CVE-2021-28544)
- Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization
rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion
mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not
affected. (CVE-2022-24070)
- Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion
tags (and more) parameters on views displaying parameters, resulting in a stored cross-site scripting
(XSS) vulnerability exploitable by attackers with Item/Configure permission. (CVE-2022-29046)
- A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier allows
attackers to connect to an attacker-specified URL. (CVE-2022-29048)
- An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey
12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to access sensitive user
information. (CVE-2022-32834)
- A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 15.6 and
iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to
arbitrary code execution (CVE-2022-32885)
- A logic issue was addressed with improved state management. This issue is fixed in Safari 15.6, macOS
Monterey 12.5. A user may be tracked through their IP address. (CVE-2022-32861)
- A memory corruption issue was addressed with improved state management. This issue is fixed in Safari
15.6, macOS Monterey 12.5. Processing maliciously crafted web content may lead to arbitrary code
execution. (CVE-2022-32863)
- The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6
and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI
spoofing. (CVE-2022-32816)
- An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6
and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted
web content may lead to arbitrary code execution. (CVE-2022-32792)
- Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to
potentially exploit heap corruption via a crafted HTML page. (CVE-2022-2294)
- An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 15.6 and
iPadOS 15.6, macOS Monterey 12.5, macOS Big Sur 11.6.8. An app may be able to execute arbitrary code with
kernel privileges. (CVE-2022-32860)
- This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, tvOS 15.6, iOS
15.6 and iPadOS 15.6. An app may be able to cause unexpected system termination or write kernel memory.
(CVE-2022-32837)
- This issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big
Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. A remote user
may be able to cause unexpected system termination or corrupt kernel memory. (CVE-2022-32847)
- A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS
Monterey 12.5. An app may be able to capture a user's screen. (CVE-2022-32848)
- An out-of-bounds read was addressed with improved bounds checking. (CVE-2022-48578)
- A memory corruption issue was addressed with improved validation. (CVE-2022-32897)
- webkitgtk: A website may able to track visited websites in private browsing (CVE-2022-32933)
Note that Nessus has not tested for these issues but has instead relied only on the operating system's self-reported
version number.");
script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT213345");
script_set_attribute(attribute:"solution", value:
"Upgrade to macOS 12.5 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-26981");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-32845");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/07/20");
script_set_attribute(attribute:"patch_publication_date", value:"2022/07/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/08/19");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x:12.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:macos:12.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"MacOS X Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_ports("Host/MacOSX/Version", "Host/local_checks_enabled", "Host/MacOSX/packages/boms");
exit(0);
}
include('vcf.inc');
include('vcf_extras_apple.inc');
var app_info = vcf::apple::macos::get_app_info();
var constraints = [
{ 'fixed_version' : '12.5.0', 'min_version' : '12.0', 'fixed_display' : 'macOS Monterey 12.5' }
];
vcf::apple::macos::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_WARNING,
flags:{'xsrf':TRUE, 'xss':TRUE}
);
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28544
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2294
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24070
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26981
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29046
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29048
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32785
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32786
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32787
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32788
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32789
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32792
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32793
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32796
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32797
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32798
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32799
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32800
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32801
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32802
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32805
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32807
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32810
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32811
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32812
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32813
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32814
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32815
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32816
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32817
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32818
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32819
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32820
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32821
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32823
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32825
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32826
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32828
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32829
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32831
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32832
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32834
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32837
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32838
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32839
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32840
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32841
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32842
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32843
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32845
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32847
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32848
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32849
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32851
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32852
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32853
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32857
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32860
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32861
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32863
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32880
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32885
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32897
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32910
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32933
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32948
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42805
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42858
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46708
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48503
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48578
support.apple.com/en-us/HT213345
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
0.015 Low
EPSS
Percentile
87.1%