Memory Corruption Vulnerability in Apple Products
CVE-2022-46696

8.8HIGH

Key Information:

Vendor: Apple
Status: tvOS; watchOS
Vendor: CVE Published:; 15 December 2022

Summary

This vulnerability involves a memory corruption issue due to insufficient input validation in various Apple products. Attackers could potentially exploit this flaw by processing specially crafted web content, resulting in arbitrary code execution. Apple has released fixes in versions 16.2 of Safari, tvOS, and iOS, as well as macOS Ventura 13.1 and watchOS 9.2 to address this security concern and enhance the overall safety of users.

Affected Version(s)

tvOS < 16.2

tvOS < 13.1

tvOS < 16.2

References

https://support.apple.com/en-us/HT213535

https://support.apple.com/en-us/HT213532

https://support.apple.com/en-us/HT213530

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 15, 2022
Vulnerability Reserved
Dec 7, 2022