CVE-2022-32879

Summary

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, tvOS 16. A user with physical access to a device may be able to access contacts from the lock screen.

Affected Software

VendorProductVersion RangeStatus
ApplemacOSunspecified < 13affected
ApplemacOSunspecified < 16affected
ApplemacOSunspecified < 15.7affected
ApplewatchOSunspecified < 9affected
ApplewatchOSunspecified < 16affected

Weaknesses

  • A user with physical access to a device may be able to access contacts from the lock screen

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References