Sign-up

ID

VAR-202210-2057


CVE

CVE-2022-32925


TITLE

Apple tvOS Buffer error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202210-2600

DESCRIPTION

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to cause unexpected system termination or write kernel memory. Apple tvOS is a smart TV operating system developed by Apple (Apple). No detailed vulnerability details were provided at this time

Trust: 0.99

sources: NVD: CVE-2022-32925 // VULHUB: VHN-425014

AFFECTED PRODUCTS

vendor:applemodel:iphone osscope:ltversion:16.0

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:9.0

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:16.0

Trust: 1.0

sources: NVD: CVE-2022-32925

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2022-32925
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202210-2600
value: HIGH

Trust: 0.6

NVD:
baseSeverity: HIGH
baseScore: 7.1
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.2
version: 3.1

Trust: 1.0

sources: NVD: CVE-2022-32925 // CNNVD: CNNVD-202210-2600

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

sources: VULHUB: VHN-425014 // NVD: CVE-2022-32925

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202210-2600

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202210-2600

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2022-32925

PATCH
title:Apple tvOS Buffer error vulnerability fixurl:http://123.124.177.30/web/xxk/bdxqbyid.tag?id=212883
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202210-2600

EXTERNAL IDS
db:NVDid:CVE-2022-32925
Trust: 1.7
db:AUSCERTid:ESB-2022.5473
Trust: 0.6
db:AUSCERTid:ESB-2022.5462
Trust: 0.6
db:CNNVDid:CNNVD-202210-2600
Trust: 0.6
db:CNVDid:CNVD-2022-74081
Trust: 0.1
db:VULHUBid:VHN-425014
Trust: 0.1
sources:
            
            
            VULHUB: VHN-425014 // 
            
            
            
            NVD: CVE-2022-32925 // 
            
            
            
            CNNVD: CNNVD-202210-2600

REFERENCES
url:https://support.apple.com/en-us/ht213446
Trust: 1.7
url:https://support.apple.com/en-us/ht213486
Trust: 1.7
url:https://support.apple.com/en-us/ht213487
Trust: 1.7
url:https://cxsecurity.com/cveshow/cve-2022-32925/
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2022.5462
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2022.5473
Trust: 0.6
sources:
            
            
            VULHUB: VHN-425014 // 
            
            
            
            NVD: CVE-2022-32925 // 
            
            
            
            CNNVD: CNNVD-202210-2600

SOURCES
db:VULHUBid:VHN-425014
db:NVDid:CVE-2022-32925
db:CNNVDid:CNNVD-202210-2600

LAST UPDATE DATE
2023-12-18T11:35:02.833000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-425014date:2022-11-02T00:00:00
db:NVDid:CVE-2022-32925date:2022-11-02T17:51:34.553
db:CNNVDid:CNNVD-202210-2600date:2022-11-03T00:00:00

SOURCES RELEASE DATE
db:VULHUBid:VHN-425014date:2022-11-01T00:00:00
db:NVDid:CVE-2022-32925date:2022-11-01T20:15:19.577
db:CNNVDid:CNNVD-202210-2600date:2022-10-31T00:00:00