CVE-2022-48610

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

T

his issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2. An app may be able to access user-sensitive data.

References

Link	Resource
https://support.apple.com/en-us/102741	Vendor Advisory Release Notes
https://support.apple.com/en-us/102807	Vendor Advisory Release Notes
https://support.apple.com/en-us/102808	Vendor Advisory Release Notes

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:watchos::::::::

History

24 Mar 2025, 15:07

Type	Values Removed	Values Added
First Time		Apple macos Apple ipados Apple watchos Apple iphone Os Apple
References	~~() https://support.apple.com/en-us/102741 -~~	() https://support.apple.com/en-us/102741 - Vendor Advisory, Release Notes
References	~~() https://support.apple.com/en-us/102807 -~~	() https://support.apple.com/en-us/102807 - Vendor Advisory, Release Notes
References	~~() https://support.apple.com/en-us/102808 -~~	() https://support.apple.com/en-us/102808 - Vendor Advisory, Release Notes
CPE		cpe:2.3:o:apple:ipados:::::::: cpe:2.3:o:apple:iphone_os:::::::: cpe:2.3:o:apple:macos:::::::: cpe:2.3:o:apple:watchos::::::::

11 Mar 2025, 03:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-10 20:15

Updated : 2025-03-24 15:07

NVD link : CVE-2022-48610

Mitre link : CVE-2022-48610

CVE.ORG link : CVE-2022-48610

JSON object : View

Products Affected

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2022-48610", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-03-10T20:15:13.713", "references": [{"url": "https://support.apple.com/en-us/102741", "tags": ["Vendor Advisory", "Release Notes"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/102807", "tags": ["Vendor Advisory", "Release Notes"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/102808", "tags": ["Vendor Advisory", "Release Notes"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2. An app may be able to access user-sensitive data."}, {"lang": "es", "value": "Este problema se solucion\u00f3 mediante una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en macOS Ventura 13.1, watchOS 9.2, iOS 16.2 y iPadOS 16.2. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."}], "lastModified": "2025-03-24T15:07:44.290", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89495791-675B-413C-A86D-ECBADF4EDC4E", "versionEndExcluding": "16.2"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B1B6657-43F5-4F0E-BE5C-5D828DEE066F", "versionEndExcluding": "16.2"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7457023-5C4E-4935-826D-A411B0324092", "versionEndExcluding": "13.1"}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A9F3F63-6BF8-4DD5-97FD-D9C90A62ECB0", "versionEndExcluding": "9.2"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}