Details of VAR-202211-0190

ID

VAR-202211-0190

CVE

CVE-2022-32887

TITLE

apple's iOS Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-022785

DESCRIPTION

The issue was addressed with improved memory handling. This issue is fixed in iOS 16. An app may be able to execute arbitrary code with kernel privileges. apple's iOS Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-32887 // JVNDB: JVNDB-2022-022785 // VULHUB: VHN-424976

AFFECTED PRODUCTS

vendor:	apple	model:	iphone os	scope:	lt	version:	16.0	Trust: 1.0
vendor:	アップル	model:	ios	scope:	eq	version:	16.0	Trust: 0.8
vendor:	アップル	model:	ios	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-022785 // NVD: CVE-2022-32887

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2022-32887
value:	HIGH
Trust: 1.8
CNNVD:	CNNVD-202211-1881
value:	HIGH
Trust: 0.6

NVD:
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2022-32887
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-022785 // NVD: CVE-2022-32887 // CNNVD: CNNVD-202211-1881

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-022785 // NVD: CVE-2022-32887

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202211-1881

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202211-1881

CONFIGURATIONS

sources: NVD: CVE-2022-32887

PATCH

title:	HT213446 Apple Security update	url:	https://support.apple.com/en-us/ht213446	Trust: 0.8
title:	Apple iOS Security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqbyid.tag?id=213024	Trust: 0.6

sources: JVNDB: JVNDB-2022-022785 // CNNVD: CNNVD-202211-1881

EXTERNAL IDS

db:	NVD	id:	CVE-2022-32887	Trust: 3.3
db:	JVNDB	id:	JVNDB-2022-022785	Trust: 0.8
db:	CNNVD	id:	CNNVD-202211-1881	Trust: 0.6
db:	VULHUB	id:	VHN-424976	Trust: 0.1

sources: VULHUB: VHN-424976 // JVNDB: JVNDB-2022-022785 // NVD: CVE-2022-32887 // CNNVD: CNNVD-202211-1881

REFERENCES

url:	https://support.apple.com/en-us/ht213446	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2022-32887	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-32887/	Trust: 0.6

sources: VULHUB: VHN-424976 // JVNDB: JVNDB-2022-022785 // NVD: CVE-2022-32887 // CNNVD: CNNVD-202211-1881

SOURCES

db:	VULHUB	id:	VHN-424976
db:	JVNDB	id:	JVNDB-2022-022785
db:	NVD	id:	CVE-2022-32887
db:	CNNVD	id:	CNNVD-202211-1881

LAST UPDATE DATE

2023-12-18T13:41:48.283000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-424976	date:	2022-11-03T00:00:00
db:	JVNDB	id:	JVNDB-2022-022785	date:	2023-11-21T00:44:00
db:	NVD	id:	CVE-2022-32887	date:	2022-11-03T12:33:43.110
db:	CNNVD	id:	CNNVD-202211-1881	date:	2022-11-04T00:00:00

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-424976	date:	2022-11-01T00:00:00
db:	JVNDB	id:	JVNDB-2022-022785	date:	2023-11-21T00:00:00
db:	NVD	id:	CVE-2022-32887	date:	2022-11-01T20:15:18.520
db:	CNNVD	id:	CNNVD-202211-1881	date:	2022-11-01T00:00:00