Vulnerabilities > CVE-2022-46694 - Out-of-bounds Write vulnerability in Apple products
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2, watchOS 9.2. Parsing a maliciously crafted video file may lead to kernel code execution.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://support.apple.com/en-us/HT213531
- https://support.apple.com/en-us/HT213530
- https://support.apple.com/en-us/HT213535
- https://support.apple.com/en-us/HT213536
- http://seclists.org/fulldisclosure/2022/Dec/26
- http://seclists.org/fulldisclosure/2022/Dec/20
- http://seclists.org/fulldisclosure/2022/Dec/21
- http://seclists.org/fulldisclosure/2022/Dec/27