Logic Flaw in Safari, iOS, and macOS Products
CVE-2022-46692

5.5MEDIUM

Key Information:

Vendor

Apple

Vendor
CVE Published:
15 December 2022

What is CVE-2022-46692?

A logic issue affecting various Apple products was identified, which, if exploited, could allow malicious web content to bypass the Same Origin Policy. This vulnerability was addressed with improved state management in recent product updates. It highlights the importance of keeping systems up to date to mitigate risks from potentially harmful attacks.

Affected Version(s)

iCloud for Windows < 14.1

tvOS < 16.2

tvOS < 13.1

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.