Lucene search
HistoryNov 01, 2022 - 8:15 p.m.
CVE-2022-32835
persistent device identifier
ios 16
watchos 9
improved entitlements
3.3 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
22.1%
This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An app may be able to read a persistent device identifier.
Affected configurations
Node
appleiphone_osRange<16.0
ORapplewatchosRange<9.0
Related
cve
cve
CVE-2022-32835
2022-11-01 20:15:17
prion
prion
Information disclosure
2022-11-01 20:15:00
cvelist
cvelist
CVE-2022-32835
2022-11-01 00:00:00
apple
apple
About the security content of watchOS 9
2022-09-12 00:00:00
About the security content of iOS 16
2022-09-12 00:00:00
3.3 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
22.1%
Related for NVD:CVE-2022-32835