CVE-2022-22668

Published: Feb 27, 2023Modified: Mar 12, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A malicious application may be able to leak sensitive user information.

Affected (3)

Products: Apple: Ipados, Iphone Os, Macos

3 products

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Apple Ipados	Before 15.4
Apple Iphone Os	Before 15.4
Apple Macos	From 12.0 to 12.3

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

https://support.apple.com/en-us/HT213182

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT213183

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT213182

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT213183

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.