CVE-2022-32913

Summary

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera.

Affected Software

VendorProductVersion RangeStatus
ApplemacOSunspecified < 13affected
ApplemacOSunspecified < 16affected
ApplemacOSunspecified < 11.7affected
ApplewatchOSunspecified < 9affected
ApplewatchOSunspecified < 16affected
ApplewatchOSunspecified < 12.6affected

Weaknesses

  • A sandboxed app may be able to determine which app is currently using the camera

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References