CVE-2022-42805

Published: Dic 15, 2022 Last Modified: Apr 21, 2025 EU-VD ID: EUVD-2022-45868 Aliases: GSD-2022-42805

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,8

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: none

User Interaction: required

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

An integer overflow was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0005

Percentile

0,2th

Updated

EPSS Score Trend (Last 90 Days)

190

Integer Overflow or Wraparound

Stable

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Availability Integrity Confidentiality Access Control Other

Potential Impacts:

Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Memory) Dos: Instability Modify Memory Execute Unauthorized Code Or Commands Bypass Protection Mechanism Alter Execution Logic Dos: Resource Consumption (Cpu)

Applicable Platforms

Languages: C, Not Language-Specific

Likelihood of Exploit: Medium

View CWE Details

Operating System

Iphone Os by Apple

Product Information

Vendor Apple

Product Iphone Os

Version Range Affected

To 15.6 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Ipados by Apple

Product Information

Vendor Apple

Product Ipados

Version Range Affected

To 15.6 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Macos by Apple

Product Information

Vendor Apple

Product Macos

Version Range Affected

From 12.0.0 (inclusive)

To 12.5 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://support.apple.com/en-us/HT213345

Release Notes Vendor Advisory

https://support.apple.com/en-us/HT213345

https://support.apple.com/en-us/HT213346

Release Notes Vendor Advisory

https://support.apple.com/en-us/HT213346

https://support.apple.com/en-us/HT213345

Release Notes Vendor Advisory

https://support.apple.com/en-us/HT213345

https://support.apple.com/en-us/HT213346

Release Notes Vendor Advisory

https://support.apple.com/en-us/HT213346

CVE-2022-42805

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 90 Days)

Integer Overflow or Wraparound

Common Consequences

Applicable Platforms

Iphone Os by Apple

Product Information

Ipados by Apple

Product Information

Macos by Apple

Product Information

Iscriviti alla newsletter