Sign-up

ID

VAR-202210-1496


CVE

CVE-2022-42796


TITLE

Apple macOS Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202210-1644

DESCRIPTION

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.7 and iPadOS 15.7, macOS Ventura 13. An app may be able to gain elevated privileges

Trust: 0.99

sources: NVD: CVE-2022-42796 // VULHUB: VHN-439576

AFFECTED PRODUCTS

vendor:applemodel:ipadosscope:ltversion:15.7

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:15.7

Trust: 1.0

vendor:applemodel:macosscope:ltversion:13.0

Trust: 1.0

sources: NVD: CVE-2022-42796

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2022-42796
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202210-1644
value: HIGH

Trust: 0.6

NVD:
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: NVD: CVE-2022-42796 // CNNVD: CNNVD-202210-1644

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2022-42796

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202210-1644

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202210-1644

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2022-42796

PATCH
title:Apple macOS Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqbyid.tag?id=212667
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202210-1644

EXTERNAL IDS
db:NVDid:CVE-2022-42796
Trust: 1.7
db:AUSCERTid:ESB-2022.5300
Trust: 0.6
db:CNNVDid:CNNVD-202210-1644
Trust: 0.6
db:VULHUBid:VHN-439576
Trust: 0.1
sources:
            
            
            VULHUB: VHN-439576 // 
            
            
            
            NVD: CVE-2022-42796 // 
            
            
            
            CNNVD: CNNVD-202210-1644

REFERENCES
url:https://support.apple.com/en-us/ht213488
Trust: 2.3
url:https://support.apple.com/en-us/ht213445
Trust: 1.7
url:https://cxsecurity.com/cveshow/cve-2022-42796/
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2022.5300
Trust: 0.6
url:https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-39702
Trust: 0.6
sources:
            
            
            VULHUB: VHN-439576 // 
            
            
            
            NVD: CVE-2022-42796 // 
            
            
            
            CNNVD: CNNVD-202210-1644

SOURCES
db:VULHUBid:VHN-439576
db:NVDid:CVE-2022-42796
db:CNNVDid:CNNVD-202210-1644

LAST UPDATE DATE
2023-12-18T11:06:14.550000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-439576date:2022-11-03T00:00:00
db:NVDid:CVE-2022-42796date:2022-11-03T03:52:34.787
db:CNNVDid:CNNVD-202210-1644date:2022-11-04T00:00:00

SOURCES RELEASE DATE
db:VULHUBid:VHN-439576date:2022-11-01T00:00:00
db:NVDid:CVE-2022-42796date:2022-11-01T20:15:22.770
db:CNNVDid:CNNVD-202210-1644date:2022-10-24T00:00:00