CVE-2022-46693

Summary

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing a maliciously crafted file may lead to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AppleiCloud for Windowsunspecified < 14.1affected
AppletvOSunspecified < 16.2affected
AppletvOSunspecified < 13.1affected
AppletvOSunspecified < 16.2affected
ApplewatchOSunspecified < 9.2affected

Weaknesses

  • Processing a maliciously crafted file may lead to arbitrary code execution

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References