CVE-2022-32913
3.3
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Apple | macOS | unspecified < 13 | affected |
| Apple | macOS | unspecified < 16 | affected |
| Apple | macOS | unspecified < 11.7 | affected |
| Apple | watchOS | unspecified < 9 | affected |
| Apple | watchOS | unspecified < 16 | affected |
| Apple | watchOS | unspecified < 12.6 | affected |
Weaknesses
- A sandboxed app may be able to determine which app is currently using the camera
ADP Enrichment
CVE Program Container
Additional References
- https://support.apple.com/en-us/HT213446
- https://support.apple.com/en-us/HT213443
- https://support.apple.com/en-us/HT213444
- https://support.apple.com/en-us/HT213488
- https://support.apple.com/en-us/HT213486
- https://support.apple.com/en-us/HT213487
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://support.apple.com/en-us/HT213446
- https://support.apple.com/en-us/HT213443
- https://support.apple.com/en-us/HT213444
- https://support.apple.com/en-us/HT213488
- https://support.apple.com/en-us/HT213486
- https://support.apple.com/en-us/HT213487
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.