Sign-up

ID

VAR-202210-1625


CVE

CVE-2022-32922


TITLE

Apple Safari PDFPluginAnnotation Use-After-Free Remote Code Execution Vulnerability

Trust: 0.7

sources: ZDI: ZDI-23-647

DESCRIPTION

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing maliciously crafted web content may lead to arbitrary code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of PDFPluginAnnotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Apple Safari, etc. are all products of Apple (Apple). Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple macOS Big Sur is the 17th major release of Apple's operating system macOS for the MAC. Apple macOS Monterey is the 18th major release of macOS, the desktop operating system for the Macintosh. A security vulnerability exists in Apple Safari version 16.1. The following products and versions are affected: macOS Big Sur and macOS Monterey. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-10-27-2 Additional information for APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16 iOS 16.1 and iPadOS 16 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213489. Apple Neural Engine Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32932: Mohamed Ghannam (@_simo36) Entry added October 27, 2022 AppleMobileFileIntegrity Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed by removing additional entitlements. CVE-2022-42825: Mickey Jin (@patch1t) Audio Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information Description: The issue was addressed with improved memory handling. CVE-2022-42798: Anonymous working with Trend Micro Zero Day Initiative Entry added October 27, 2022 AVEVideoEncoder Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2022-32940: ABC Research s.r.o. Backup Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to access iOS backups Description: A permissions issue was addressed with additional restrictions. CVE-2022-32929: Csaba Fitzl (@theevilbit) of Offensive Security Entry added October 27, 2022 CFNetwork Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: A certificate validation issue existed in the handling of WKWebView. CVE-2022-42813: Jonathan Zhang of Open Computing Facility (ocf.berkeley.edu) Core Bluetooth Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to record audio using a pair of connected AirPods Description: This issue was addressed with improved entitlements. CVE-2022-32946: Guilherme Rambo of Best Buddy Apps (rambo.codes) FaceTime Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A user may be able to view restricted content from the lock screen Description: A lock screen issue was addressed with improved state management. CVE-2022-32935: Bistrit Dahal Entry added October 27, 2022 GPU Drivers Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32947: Asahi Lina (@LinaAsahi) Graphics Driver Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2022-32939: Willy R. Vasquez of The University of Texas at Austin Entry added October 27, 2022 IOHIDFamily Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may cause unexpected app termination or arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2022-42820: Peter Pan ZhenPeng of STAR Labs IOKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2022-42806: Tingting Yin of Tsinghua University Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2022-32944: Tim Michaud (@TimGMichaud) of Moveworks.ai Entry added October 27, 2022 Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2022-42803: Xinru Chi of Pangu Lab, John Aakerblom (@jaakerblom) Entry added October 27, 2022 Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2022-32926: Tim Michaud (@TimGMichaud) of Moveworks.ai Entry added October 27, 2022 Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved checks. CVE-2022-42801: Ian Beer of Google Project Zero Entry added October 27, 2022 Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32924: Ian Beer of Google Project Zero Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A remote user may be able to cause kernel code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-42808: Zweig of Kunlun Lab Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. CVE-2022-42827: an anonymous researcher Model I/O Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing a maliciously crafted USD file may disclose memory contents Description: The issue was addressed with improved memory handling. CVE-2022-42810: Xingwei Lin (@xwlin_roy) and Yinyi Wu of Ant Security Light-Year Lab Entry added October 27, 2022 ppp Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A buffer overflow may result in arbitrary code execution Description: The issue was addressed with improved bounds checks. CVE-2022-32941: an anonymous researcher Entry added October 27, 2022 ppp Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-42829: an anonymous researcher ppp Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-42830: an anonymous researcher ppp Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2022-42831: an anonymous researcher CVE-2022-42832: an anonymous researcher Safari Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Visiting a maliciously crafted website may leak sensitive data Description: A logic issue was addressed with improved state management. CVE-2022-42817: Mir Masood Ali, PhD student, University of Illinois at Chicago; Binoy Chitale, MS student, Stony Brook University; Mohammad Ghasemisharif, PhD Candidate, University of Illinois at Chicago; Chris Kanich, Associate Professor, University of Illinois at Chicago Entry added October 27, 2022 Sandbox Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to access user-sensitive data Description: An access issue was addressed with additional sandbox restrictions. CVE-2022-42811: Justin Bui (@slyd0g) of Snowflake Shortcuts Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A shortcut may be able to check the existence of an arbitrary path on the file system Description: A parsing issue in the handling of directory paths was addressed with improved path validation. CVE-2022-32938: Cristian Dinca of Tudor Vianu National High School of Computer Science of. Romania WebKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Visiting a malicious website may lead to user interface spoofing Description: The issue was addressed with improved UI handling. WebKit Bugzilla: 243693 CVE-2022-42799: Jihwan Kim (@gPayl0ad), Dohyun Lee (@l33d0hyun) WebKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. WebKit Bugzilla: 244622 CVE-2022-42823: Dohyun Lee (@l33d0hyun) of SSD Labs WebKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A logic issue was addressed with improved state management. WebKit Bugzilla: 245058 CVE-2022-42824: Abdulrahman Alqabandi of Microsoft Browser Vulnerability Research, Ryan Shin of IAAI SecLab at Korea University, Dohyun Lee (@l33d0hyun) of DNSLab at Korea University WebKit PDF Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. WebKit Bugzilla: 242781 CVE-2022-32922: Yonghwi Jin (@jinmo123) at Theori working with Trend Micro Zero Day Initiative WebKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing maliciously crafted web content may disclose internal states of the app Description: A correctness issue in the JIT was addressed with improved checks. WebKit Bugzilla: 242964 CVE-2022-32923: Wonyoung Jung (@nonetype_pwn) of KAIST Hacking Lab Entry added October 27, 2022 Wi-Fi Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Joining a malicious Wi-Fi network may result in a denial-of- service of the Settings app Description: The issue was addressed with improved memory handling. CVE-2022-32927: Dr Hideaki Goto of Tohoku University, Japan Entry added October 27, 2022 zlib Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A user may be able to cause unexpected app termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2022-37434: Evgeny Legerov CVE-2022-42800: Evgeny Legerov Entry added October 27, 2022 Additional recognition iCloud We would like to acknowledge Tim Michaud (@TimGMichaud) of Moveworks.ai for their assistance. Kernel We would like to acknowledge Peter Nguyen of STAR Labs, Tim Michaud (@TimGMichaud) of Moveworks.ai, Tommy Muir (@Muirey03) for their assistance. WebKit We would like to acknowledge Maddie Stone of Google Project Zero, Narendra Bhati (@imnarendrabhati) of Suma Soft Pvt. Ltd., an anonymous researcher for their assistance. All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmNbKpsACgkQ4RjMIDke NxmS+w/8CfYJzSjrC2joLy6lOCg9Za2Mzc1+ynFTuVWud63t8zhif2lLU8Y+TOrG xUbstKDPw3ehwBBn97ZSkSoj3d+F+liPsUV5Udf1yssSF/5Ce7owa/V2KMCjliAr 1EvPOaiyXH94zrh+ddsTdikzDtNdseaYhSoYH4cQao/LPZx8bw4VSCxpQxSfOmoE /rSmqkq1wDpTXeLmHeQVBdLpM+QcEcpCkoQIpmeu3ntFhQrD3L9eAXcy3K7iI7qE Q/gTebUwLsLIhN6SrTu/sQaScErmOZqguOCTjPnkg9YQNxgu3jVuSlHuCWEZTvxq wqsHRSOMCU6xe7w3QPFsQmiMevFgRgWwuMTcCDIAaCTJTJ4Bx0mUirVCjFzEk8+w P6IScr4pearsQd31LSsu7OuirUmm/7ZH1XcAPdiDO4acorZNkt5Nzlf+x1Atls8j oMdrh0l2W44mvCgKtqPM0hz7xTTEwiyml7RWdz8Uf4qwjXjmZLt+Nt3GRGZ60JO6 fTkUHPhL/VnJz4rc90Zn+9LSK5u6JAQ6T16OA6CNqQ6ZFeN80zSzdSEzLuQC0FnL 08VhWzJNguA/xHidywQNeGqlhfT4posy6EDHp/9Q9heu/L1uRn/d1B5yxDpc2cyV w+AMI214/xT1VbJ9NMY3dXJBoVaDzhvC31ydXKPaCgCqc/mrlUo= =ULJl -----END PGP SIGNATURE----- . Safari 16.1 may be obtained from the Mac App Store

Trust: 1.98

sources: NVD: CVE-2022-32922 // ZDI: ZDI-23-647 // VULHUB: VHN-425011 // PACKETSTORM: 169558 // PACKETSTORM: 169556 // PACKETSTORM: 169550 // PACKETSTORM: 169607

AFFECTED PRODUCTS

vendor:applemodel:safariscope:ltversion:16.1

Trust: 1.0

vendor:applemodel:macosscope:ltversion:13.0

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:16.1

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:16.0

Trust: 1.0

vendor:applemodel:safariscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-23-647 // NVD: CVE-2022-32922

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2022-32922
value: HIGH

Trust: 1.0

ZDI: CVE-2022-32922
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202210-1675
value: HIGH

Trust: 0.6

NVD:
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ZDI: CVE-2022-32922
baseSeverity: HIGH
baseScore: 8.8
vectorString: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-23-647 // NVD: CVE-2022-32922 // CNNVD: CNNVD-202210-1675

PROBLEMTYPE DATA

problemtype:CWE-416

Trust: 1.1

sources: VULHUB: VHN-425011 // NVD: CVE-2022-32922

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202210-1675

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202210-1675

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2022-32922

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-425011

PATCH
title:Apple has issued an update to correct this vulnerability.url:https://support.apple.com/ht213489
Trust: 0.7
title:Apple Safari Remediation of resource management error vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqbyid.tag?id=212849
Trust: 0.6
sources:
            
            
            ZDI: ZDI-23-647 // 
            
            
            
            CNNVD: CNNVD-202210-1675

EXTERNAL IDS
db:NVDid:CVE-2022-32922
Trust: 2.8
db:PACKETSTORMid:169607
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-17338
Trust: 0.7
db:ZDIid:ZDI-23-647
Trust: 0.7
db:CNNVDid:CNNVD-202210-1675
Trust: 0.7
db:AUSCERTid:ESB-2022.5303
Trust: 0.6
db:AUSCERTid:ESB-2022.5302
Trust: 0.6
db:PACKETSTORMid:169550
Trust: 0.2
db:PACKETSTORMid:169558
Trust: 0.2
db:PACKETSTORMid:169556
Trust: 0.2
db:VULHUBid:VHN-425011
Trust: 0.1
sources:
            
            
            ZDI: ZDI-23-647 // 
            
            
            
            VULHUB: VHN-425011 // 
            
            
            
            PACKETSTORM: 169558 // 
            
            
            
            PACKETSTORM: 169556 // 
            
            
            
            PACKETSTORM: 169550 // 
            
            
            
            PACKETSTORM: 169607 // 
            
            
            
            NVD: CVE-2022-32922 // 
            
            
            
            CNNVD: CNNVD-202210-1675

REFERENCES
url:https://support.apple.com/en-us/ht213495
Trust: 2.3
url:https://support.apple.com/en-us/ht213488
Trust: 1.7
url:https://support.apple.com/en-us/ht213489
Trust: 1.7
url:https://support.apple.com/ht213489
Trust: 0.7
url:https://packetstormsecurity.com/files/169607/apple-security-advisory-2022-10-27-15.html
Trust: 0.6
url:https://vigilance.fr/vulnerability/apple-ios-multiple-vulnerabilities-39701
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2022.5302
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2022.5303
Trust: 0.6
url:https://cxsecurity.com/cveshow/cve-2022-32922/
Trust: 0.6
url:https://support.apple.com/en-us/ht201222.
Trust: 0.4
url:https://nvd.nist.gov/vuln/detail/cve-2022-32922
Trust: 0.4
url:https://www.apple.com/support/security/pgp/
Trust: 0.4
url:https://nvd.nist.gov/vuln/detail/cve-2022-42799
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2022-42823
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2022-42824
Trust: 0.3
url:https://support.apple.com/ht213489.
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-32924
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-32940
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-32923
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-32938
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-32946
Trust: 0.2
url:https://support.apple.com/ht213495.
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-32927
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32935
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32932
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32926
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32944
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32929
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32939
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32941
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-42806
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-42808
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-42811
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32947
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-42813
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-42820
Trust: 0.1
sources:
            
            
            ZDI: ZDI-23-647 // 
            
            
            
            VULHUB: VHN-425011 // 
            
            
            
            PACKETSTORM: 169558 // 
            
            
            
            PACKETSTORM: 169556 // 
            
            
            
            PACKETSTORM: 169550 // 
            
            
            
            PACKETSTORM: 169607 // 
            
            
            
            NVD: CVE-2022-32922 // 
            
            
            
            CNNVD: CNNVD-202210-1675

CREDITS
Yonghwi Jin (@jinmo123) at Theori
Trust: 0.7
sources:
            
            
            ZDI: ZDI-23-647

SOURCES
db:ZDIid:ZDI-23-647
db:VULHUBid:VHN-425011
db:PACKETSTORMid:169558
db:PACKETSTORMid:169556
db:PACKETSTORMid:169550
db:PACKETSTORMid:169607
db:NVDid:CVE-2022-32922
db:CNNVDid:CNNVD-202210-1675

LAST UPDATE DATE
2023-12-18T11:01:47.836000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-23-647date:2023-05-17T00:00:00
db:VULHUBid:VHN-425011date:2023-01-09T00:00:00
db:NVDid:CVE-2022-32922date:2023-01-09T16:41:59.350
db:CNNVDid:CNNVD-202210-1675date:2022-11-03T00:00:00

SOURCES RELEASE DATE
db:ZDIid:ZDI-23-647date:2023-05-17T00:00:00
db:VULHUBid:VHN-425011date:2022-11-01T00:00:00
db:PACKETSTORMid:169558date:2022-10-31T14:21:40
db:PACKETSTORMid:169556date:2022-10-31T14:20:25
db:PACKETSTORMid:169550date:2022-10-31T14:18:24
db:PACKETSTORMid:169607date:2022-10-31T15:10:32
db:NVDid:CVE-2022-32922date:2022-11-01T20:15:19.430
db:CNNVDid:CNNVD-202210-1675date:2022-10-24T00:00:00