CVE-2022-22652 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-22652 PUBLISHED CVSS 6.099999904632568 MEDIUM

The GSMA authentication panel could be presented on the lock screen. The issue was resolved by requiring device unlock to interact with the GSMA authentication panel. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access may be able to view and modify the carrier account information and settings from the lock screen.

EPSS 0.07% · 20.0th percentile

Risk Scores

CVSS v3.1

6.099999904632568

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

EPSS Score

0.07%

20.0th percentile

Affected Products

Vendor	Product	Versions
apple	iphone_os	0
apple	ipados	0
Apple	iOS and iPadOS	unspecified

Timeline

Jun 28, 2021 PoC Published
Dec 11, 2021 PoC Published
Dec 13, 2021 PoC Published
Mar 15, 2022 CVE Published
Mar 19, 2022 EPSS Score
May 9, 2022 EPSS Score
Jun 7, 2022 PoC Published
Jun 28, 2022 EPSS Score
Aug 19, 2022 EPSS Score
Sep 16, 2022 PoC Published
Oct 8, 2022 EPSS Score
Nov 28, 2022 EPSS Score

References

https://support.apple.com/fr-fr/HT213191 advisory
https://support.apple.com/fr-fr/HT213182 advisory
https://support.apple.com/fr-fr/HT213184 advisory
https://support.apple.com/fr-fr/HT213185 advisory
https://support.apple.com/fr-fr/HT213183 advisory
https://support.apple.com/fr-fr/HT213188 advisory
https://support.apple.com/fr-fr/HT213190 advisory
https://support.apple.com/fr-fr/HT213193 advisory
https://support.apple.com/fr-fr/HT213189 advisory
https://support.apple.com/en-us/HT213182 url
https://nvd.nist.gov/vuln/detail/CVE-2022-22652 advisory

Open in Interactive Console →