SB2022091233 - Multiple vulnerabilities in Apple iOS and iPadOS




Published: September 12, 2022 Updated: October 30, 2022

Security Bulletin ID SB2022091233
Severity High
Patch available YES
Number of vulnerabilities 20
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 25% Medium 15% Low 60%

Description

This security bulletin contains information about 20 security vulnerabilities.


1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-32854)

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improperly imposed security restrictions within the Contacts app. A local application can bypass Privacy preferences.


2) Buffer overflow (CVE-ID: CVE-2022-32911)

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error within the OS kernel. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.



3) Out-of-bounds read (CVE-ID: CVE-2022-32864)

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the OS kernel. A local application can trigger an out-of-bounds read error and read kernel memory.


4) Buffer overflow (CVE-ID: CVE-2022-32917)

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error within the OS kernel. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.

Note, the vulnerability is being actively exploited in the wild.


5) Information disclosure (CVE-ID: CVE-2022-32883)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a logic issue in the Maps component. A remote attacker can gain unauthorized access to sensitive location information.


6) Buffer overflow (CVE-ID: CVE-2022-32908)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in MediaLibrary. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


7) Spoofing attack (CVE-ID: CVE-2022-32795)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to incorrect processing of web content in Safari. A remote attacker can spoof the address bar.


8) Information disclosure (CVE-ID: CVE-2022-32868)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data exposure. A remote attacker can track users through Safari web extensions.


9) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-32872)

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to a logic issue in Shortcuts. An attacker with physical access to the device can access photos from the lock screen.


10) Buffer overflow (CVE-ID: CVE-2022-32886)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing web content in WebKit. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


11) Out-of-bounds read (CVE-ID: CVE-2022-32912)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in WebKit. A remote attacker can create a specially crafted web page, trick the victim into opening it using the affected software, trigger an out-of-bounds read and execute arbitrary code on the target system.


12) Information disclosure (CVE-ID: CVE-2022-32879)

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists due to improper state management in Notifications. An attacker with physical access to the device can access contacts from the lock screen.


13) Out-of-bounds write (CVE-ID: CVE-2022-32888)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can create a specially crafted web page, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.


14) Security features bypass (CVE-ID: CVE-2022-32892)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to improper access restrictions within WebKit Sandboxing. A remote attacker can trick the victim into visiting a specially crafted website and bypass implemented sandbox restrictions on the browser process.


15) Buffer overflow (CVE-ID: CVE-2022-32898)

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error within the Apple Neural Engine. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.


16) Buffer overflow (CVE-ID: CVE-2022-32899)

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error within the Apple Neural Engine. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.


17) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-32929)

The vulnerability allows a local application to gain access to iOS backups.

The vulnerability exists due to insecure permissions within the Backup feature. A local application can gain access to iOS backups.


18) Security features bypass (CVE-ID: CVE-2022-42790)

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to a logic issue in Sidecar. An attacker with physical access to the device can view restricted content from the lock screen.


19) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2022-42793)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to incorrect verification of a cryptographic signature within the Security component. A remote attacker can trick the victim into running a malicious app that appears to have a valid signature and compromise the affected system.


20) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-42796)

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists within the Audio subsystem. A local application can escalate privileges on the system.


Remediation

Install the update from the vendor's website.