Severity Rating: High
Software Affected
Apple iOS and iPadOS versions prior to 16.2
iPhone 8 and later
iPad Pro (all models)
iPad Air 3rd generation and later
iPad 5th generation and later
iPad mini 5th generation and later
Apple iOS and iPadOS versions prior to 15.7.2
iPhone 6s (all models)
iPhone 7 (all models)
iPhone SE (1st generation)
iPad Pro (all models)
iPad Air 2 and later
iPad 5th generation and later
iPad mini 4 and later
iPod touch (7th generation)
Overview
Multiple
vulnerabilities have been reported in Apple iOS and iPadOS which could
allow a remote attacker to gain access to sensitive information, execute
arbitrary code, spoof the UI, gain elevated privileges, bypass security
restrictions or cause denial of service conditions on the targeted
system.
Description
These
vulnerabilities exist in the Accounts, AppleMobileFileIntegrity,
CoreServices, GPU Drivers, Graphics Driver, ImageIO, IOHIDFamily,
IOMobileFrameBuffer, Kernel, Photos, Preferences, Printing, Software
Update, Weather, AppleAVD, AVEVideoEncoder, File System, WebKit, iTunes
Store, libxml2, ppp, Safari components of Apple iOS and iPadOS.
Successful
exploitation of these vulnerabilities could allow the attacker gain
access to sensitive information, execute arbitrary code, spoof the UI,
gain elevated privileges, bypass security restrictions or cause denial
of service conditions on the targeted system.
Solution
Apply appropriate software updates as mentioned in the Apple Security updates
Vendor Information
Apple
References
Apple
CVE Name
CVE-2022-46694
CVE-2022-42848
CVE-2022-42861
CVE-2022-42846
CVE-2022-42864
CVE-2022-42837
CVE-2022-46689
CVE-2022-40303
CVE-2022-40304
CVE-2022-42840
CVE-2022-42855
CVE-2022-46695
CVE-2022-46691
CVE-2022-42852
CVE-2022-46692
CVE-2022-46700
CVE-2022-42856
CVE-2022-42843
CVE-2022-42865
CVE-2022-42859
CVE-2022-46702
CVE-2022-42850
CVE-2022-46693
CVE-2022-42851
CVE-2022-46690
CVE-2022-46701
CVE-2022-42842
CVE-2022-42844
CVE-2022-42845
CVE-2022-32943
CVE-2022-42862
CVE-2022-42849
CVE-2022-42866
CVE-2022-42867
CVE-2022-46696
CVE-2022-46698
CVE-2022-46699
CVE-2022-42863
About Cert Advisory
We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.