CVE-2022-46718
In Apple iOS und Apple iPadOS existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Accounts", "AppleAVD", "AppleMobileFileIntegrity", "AVEVideoEncoder", "CoreServices", "GPU Drivers", "Graphics Driver", "ImageIO", "IOHIDFamily", "IOMobileFrameBuffer", "iTunes Store", "Kernel", "Photos", "ppp", "Preferences", "Printing", "Safari", "Software Update", "Weather" sowie "WebKit". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Root-Rechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.
EPSS 0.03% · 9.6th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Apple iOS <12.5.7 |
Exploit Intelligence
- CVE-2022-46718: an app may be able to read sensitive location information. (github-poc-repo)
- CVE-2022-46718: an app may be able to read sensitive location information. (github-poc-repo)
- CVE-2022-46718: an app may be able to read sensitive location information. (github-poc-repo)
- CVE-2022-46718: an app may be able to read sensitive location information. (github-poc-repo)
- CVE-2022-46718: an app may be able to read sensitive location information. (github-poc-repo)
- CVE-2022-46718: an app may be able to read sensitive location information. (github-poc-repo)
- CVE-2022-46718: an app may be able to read sensitive location information. (github-poc-repo)
- CVE-2022-46718: an app may be able to read sensitive location information. (github-poc)
- CVE-2022-46718: an app may be able to read sensitive location information. (github-poc)
- CVE-2022-46718: an app may be able to read sensitive location information. (github-poc)
…and 23 more exploits
Timeline
- Dec 13, 2022 CVE Published
- May 3, 2023 PoC Published
- May 5, 2023 PoC Published
- Jun 24, 2023 EPSS Score
- Jul 9, 2023 PoC Published
- Jul 29, 2023 EPSS Score
- Sep 2, 2023 EPSS Score
- Oct 8, 2023 EPSS Score
- Nov 12, 2023 EPSS Score
- Dec 17, 2023 EPSS Score
- Jan 21, 2024 EPSS Score
- Feb 25, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2321.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2321 advisory
- https://support.apple.com/de-de/HT213530 advisory
- https://support.apple.com/de-de/HT213531 advisory
- https://support.apple.com/en-us/HT213597 advisory
- https://www.cisa.gov/news-events/alerts/2024/01/31/cisa-adds-one-known-exploited-vulnerability-catalog exploit