CVE-2022-42849

An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue is fixed in iOS 16.2 and iPadOS 16.2, tvOS 16.2, watchOS 9.2. A user may be able to elevate privileges.
References
Link Resource
https://support.apple.com/en-us/HT213530 Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213535 Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213536 Release Notes Vendor Advisory
http://seclists.org/fulldisclosure/2022/Dec/26 Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2022/Dec/20 Mailing List Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*

Information

Published : 2022-12-15 11:15

Updated : 2023-01-09 08:55


NVD link : CVE-2022-42849

Mitre link : CVE-2022-42849


JSON object : View

CWE
CWE-863

Incorrect Authorization

Advertisement

dedicated server usa

Products Affected

apple

  • watchos
  • iphone_os
  • tvos
  • ipados