CVE-2022-46710 — Vulnetix

CVE-2022-46710 PUBLISHED CVSS 8.699999809265137 HIGH

In Apple iOS und Apple iPadOS existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Accounts", "AppleAVD", "AppleMobileFileIntegrity", "AVEVideoEncoder", "CoreServices", "GPU Drivers", "Graphics Driver", "ImageIO", "IOHIDFamily", "IOMobileFrameBuffer", "iTunes Store", "Kernel", "Photos", "ppp", "Preferences", "Printing", "Safari", "Software Update", "Weather" sowie "WebKit". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Root-Rechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.

EPSS 0.08% · 23.4th percentile

Risk Scores

CVSS 4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS Score

0.08%

23.4th percentile

Affected Products

Vendor	Product	Versions
Apple	Apple iOS <12.5.7

Exploit Intelligence

CIRCL seen: CVE-2022-46710 (circl-sighting)
CIRCL seen: CVE-2022-46710 (circl-sighting)
CIRCL seen: CVE-2022-46710 (circl-sighting)
https://support.apple.com/en-us/HT213532 (circl)
https://support.apple.com/en-us/HT213530 (circl)
https://www.cisa.gov/news-events/alerts/2024/01/31/cisa-adds-one-known-exploited-vulnerability-catalog (certbund)
macos_v2_generated.go (github-poc)
macos_v2_generated.go (github-poc)
macos_v2_generated.go (github-poc)
macos_v2_generated.go (github-poc)

…and 6 more exploits

Timeline

Dec 13, 2022 CVE Published
Jan 17, 2024 EPSS Score
Jan 30, 2024 PoC Published
Jan 30, 2024 PoC Published
Feb 14, 2024 EPSS Score
Mar 13, 2024 EPSS Score
Apr 10, 2024 EPSS Score
May 8, 2024 EPSS Score
Jun 5, 2024 EPSS Score
Jul 3, 2024 EPSS Score
Jul 3, 2024 CVE Updated
Jul 31, 2024 EPSS Score

References

Open in Interactive Console →