CVE-2022-22638
Published on: Not Yet Published
Last Modified on: 11/02/2022 01:18:00 PM UTC
Certain versions of Ipados from Apple contain the following vulnerability:
A null pointer dereference was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An attacker in a privileged position may be able to perform a denial of service attack.
- CVE-2022-22638 has been assigned by
product-sec[email protected] to track the vulnerability - currently rated as MEDIUM severity.
CVSS3 Score: 6.5 - MEDIUM
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
NETWORK | LOW | LOW | NONE |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | NONE | NONE | HIGH |
CVSS2 Score: 4 - MEDIUM
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | LOW | SINGLE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
NONE | NONE | PARTIAL |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
About the security content of Security Update 2022-003 Catalina - Apple Support | support.apple.com text/html |
![]() |
About the security content of iOS 15.4 and iPadOS 15.4 - Apple Support | support.apple.com text/html |
![]() |
About the security content of macOS Monterey 12.3 - Apple Support | support.apple.com text/html |
![]() |
About the security content of macOS Big Sur 11.6.5 - Apple Support | support.apple.com text/html |
![]() |
About the security content of tvOS 15.4 - Apple Support | support.apple.com text/html |
![]() |
About the security content of watchOS 8.5 - Apple Support | support.apple.com text/html |
![]() |
Related QID Numbers
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Operating System | Apple | Ipados | All | All | All | All |
Operating System | Apple | Iphone Os | All | All | All | All |
Operating System | Apple | Macos | All | All | All | All |
Operating System | Apple | Macos | 10.15.7 | - | All | All |
Operating System | Apple | Macos | 10.15.7 | security_update_2022-001 | All | All |
Operating System | Apple | Macos | 10.15.7 | security_update_2022-002 | All | All |
Operating System | Apple | Mac Os X | All | All | All | All |
Operating System | Apple | Mac Os X | 10.15.7 | security_update_2022-001 | All | All |
Operating System | Apple | Mac Os X | 10.15.7 | security_update_2022-002 | All | All |
Operating System | Apple | Tvos | All | All | All | All |
Operating System | Apple | Watchos | All | All | All | All |
- cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*:
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*:
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*:
- cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*:
- cpe:2.3:o:apple:macos:10.15.7:security_update_2022-001:*:*:*:*:*:*:
- cpe:2.3:o:apple:macos:10.15.7:security_update_2022-002:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*:
- cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*:
- cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|---|---|
![]() |
MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution - PATCH: NOW | 2022-03-15 13:18:46 |
![]() |
CVE-2022-22638 | 2022-03-18 19:38:52 |
![]() |
Found CVEs that I couldn't find in Shodan | 2022-11-04 06:43:55 |
![]() |
Found CVEs that I couldn't find in Shodan | 2022-11-04 06:27:08 |