Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-42827
HistoryNov 01, 2022 - 8:15 p.m.

CVE-2022-42827

2022-11-0120:15:24
CWE-787
[email protected]
web.nvd.nist.gov
2
out-of-bounds write
ios
ipados
arbitrary code execution
kernel privileges
actively exploited

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

40.4%

JSON

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited…

Affected configurations

NVD
Node
appleipadosRange<15.7.1
OR
appleiphone_osRange<15.7.1
OR
appleiphone_osMatch16.0
OR
applemacosRange<12.6.1
OR
appletvosRange<16.1
OR
applewatchosRange<9.1

Related

cvelist 1
attackerkb 1
cnvd 1
malwarebytes 1
cve 1
prion 1
cisa_kev 1
thn 3
talosblog 1
apple 3
cvelist
cvelist
CVE-2022-42827
2022-11-01 00:00:00
attackerkb
attackerkb
CVE-2022-42827
2022-11-01 00:00:00
cnvd
cnvd
Apple iOS and iPadOS Arbitrary Code Execution Vulnerability
2022-10-26 00:00:00
malwarebytes
malwarebytes
iPhone zero-day. Update your devices now!
2022-10-26 17:15:00
cve
cve
CVE-2022-42827
2022-11-01 20:15:24
prion
prion
Design/Logic Flaw
2022-11-01 20:15:00
cisa_kev
cisa_kev
Apple iOS and iPadOS Out-of-Bounds Write Vulnerability
2022-10-25 00:00:00
thn
thn
Apple iOS and macOS Flaw Could've Let Apps Eavesdrop on Your Conversations with Siri
2022-10-27 10:15:00
Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability
2022-10-25 03:35:00
New Actively Exploited Zero-Day Vulnerability Discovered in Apple Products
2022-12-14 03:44:00
talosblog
talosblog
Threat Source newsletter (Oct. 27, 2022): I thought we were already aware of supply chain attacks?
2022-10-27 18:00:06
apple
apple
About the security content of iOS 15.7.1 and iPadOS 15.7.1
2022-10-27 00:00:00
About the security content of iOS 16.1 and iPadOS 16
2022-10-24 00:00:00
About the security content of iOS 16.1 and iPadOS 16
2022-10-24 00:00:00

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

40.4%

JSON
Related for NVD:CVE-2022-42827
cvelist1attackerkb1cnvd1malwarebytes1cve1prion1cisa_kev1thn3talosblog1apple3