CVE-2022-46689

Description from NVD

A race condition was addressed with additional validation. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.

Information Acquisition Date:2023-01-14T14:50Z
CVSS 2.0: 0.0 None CVSS 3.x: 7.0 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

NVD References

 https://support.apple.com/en-us/HT213531
     source:MISC
     tags:Release Notes    Vendor Advisory    
 https://support.apple.com/en-us/HT213532
     source:MISC
     tags:Release Notes    Vendor Advisory    
 https://support.apple.com/en-us/HT213530
     source:MISC
     tags:Release Notes    Vendor Advisory    
 https://support.apple.com/en-us/HT213535
     source:MISC
     tags:Release Notes    Vendor Advisory    
 https://support.apple.com/en-us/HT213536
     source:MISC
     tags:Release Notes    Vendor Advisory    
 https://support.apple.com/en-us/HT213533
     source:MISC
     tags:Release Notes    Vendor Advisory    
 https://support.apple.com/en-us/HT213534
     source:MISC
     tags:Release Notes    Vendor Advisory    
 20221220 APPLE-SA-2022-12-13-7 tvOS 16.2
     source:FULLDISC
     tags:Mailing List    Third Party Advisory    
 20221220 APPLE-SA-2022-12-13-8 watchOS 9.2
     source:FULLDISC
     tags:Mailing List    Third Party Advisory    
 20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2
     source:FULLDISC
     tags:Mailing List    Third Party Advisory    
 20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2
     source:FULLDISC
     tags:Mailing List    Third Party Advisory    
 20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1
     source:FULLDISC
     tags:Mailing List    Third Party Advisory    
 20221220 APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2
     source:FULLDISC
     tags:Mailing List    Third Party Advisory    
 20221220 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2
     source:FULLDISC
     tags:Mailing List    Third Party Advisory    

Description from Forti

About the security content of macOS Ventura 13 1

Information Acquisition Date:2023/01/01

Affected Products

Impact

Recommended Actions

References

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: Apple(9 tweets) Linux(1 tweets) iOS(71 tweets)



List of frequently cited URLs

URLNum of Times Referred to
https://cvetrends.com51
https://securityonline.info/cve-2022-46689-poc-macos-privil...8
https://news.ycombinator.com/item?id=340324025
https://github.com/zhuowei/MacDirtyCowDemo4
https://noticiasseguridad.com/vulnerabilidades/exploit-publ...4
https://xcloud.spectrum.colortokens.com/cve/CVE-2022-466894
https://twitter.com/zhuowei/status/16041626703197962243
https://bugs.chromium.org/p/project-zero/issues/detail?id=23613
https://support.apple.com/en-us/HT2135303
https://worthdoingbadly.com/macdirtycow3
https://tools4hack.santalab.me/release-cve-2022-46689-macdi...3

▼ Show Information from Twitter(147)


List of frequently cited URLs

URLNum of Times Referred to
cvetrends.com51
securityonline.info8
news.ycombinator.com5
github.com4
noticiasseguridad.com4
xcloud.spectrum.colortokens.com4
twitter.com3
bugs.chromium.org3
support.apple.com3
worthdoingbadly.com3
tools4hack.santalab.me3

▼ Show Information from Twitter(147)


GitHub Search Results: Up to 10
NameURL
mineek/FileManager https://github.com/mineek/FileManager
ginsudev/WDBFontOverwrite https://github.com/ginsudev/WDBFontOverwrite
straight-tamago/FileSwitcherX https://github.com/straight-tamago/FileSwitcherX
straight-tamago/NoCameraSound https://github.com/straight-tamago/NoCameraSound
zhuowei/MacDirtyCowDemo https://github.com/zhuowei/MacDirtyCowDemo
straight-tamago/NoHomeBar https://github.com/straight-tamago/NoHomeBar
straight-tamago/DockTransparent https://github.com/straight-tamago/DockTransparent
BomberFish/Mandela https://github.com/BomberFish/Mandela
Live-Hack-CVE/CVE-2022-46689 https://github.com/Live-Hack-CVE/CVE-2022-46689
staturnzz/sw1tch https://github.com/staturnzz/sw1tch

GitHub Search Results: Up to 10
NameURL
mineek/FileManager github.com
ginsudev/WDBFontOverwrite github.com
straight-tamago/FileSwitcherX github.com
straight-tamago/NoCameraSound github.com
zhuowei/MacDirtyCowDemo github.com
straight-tamago/NoHomeBar github.com
straight-tamago/DockTransparent github.com
BomberFish/Mandela github.com
Live-Hack-CVE/CVE-2022-46689 github.com
staturnzz/sw1tch github.com

2023/02/06 Score : 0
Added Har-sia Database : 2022/12/14
Last Modified : 2023/02/06
Highest Scored Date : 2022/12/19
Highest Score : 30