CVE-2022-22653: High severity apple ios and ipados vulnerability

Q: What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2022-22653.

Q: What is the severity of CVE-2022-22653?

The severity of CVE-2022-22653 is high with a severity value of 7.5.

Q: Which Apple software versions are affected by CVE-2022-22653?

iOS 15.4, iPadOS 15.4, Apple iPadOS up to version 15.4, and Apple iPhone OS up to version 15.4 are affected by CVE-2022-22653.

Q: How was CVE-2022-22653 fixed?

CVE-2022-22653 was fixed in iOS 15.4 and iPadOS 15.4.

Published Mar 14, 2022

Updated

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4. A malicious website may be able to access information about the user and their devices.

Other sources

iTunes. A logic issue was addressed with improved restrictions.

Credit

Aymeric Chaib(CERT Banque de France)

Affected Software

4 affected componentsFixes available

Apple iOS and iPadOS<15.4

15.4

Apple iOS, iPadOS, and macOS<15.4

15.4

Apple iOS, iPadOS, and macOS<15.4

iPhone OS<15.4

Event History

Mar 18, 2022

CVE Published

via MITRE·06:00 PM

Data Sourced

via MITRE·06:00 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT213182

Frequently Asked Questions

What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2022-22653.

What is the severity of CVE-2022-22653?

The severity of CVE-2022-22653 is high with a severity value of 7.5.

Which Apple software versions are affected by CVE-2022-22653?

iOS 15.4, iPadOS 15.4, Apple iPadOS up to version 15.4, and Apple iPhone OS up to version 15.4 are affected by CVE-2022-22653.

How was CVE-2022-22653 fixed?

CVE-2022-22653 was fixed in iOS 15.4 and iPadOS 15.4.

What is the potential impact of CVE-2022-22653?

A malicious website may be able to access information about the user and their devices.