CVE-2022-32835: Infoleak

Q: What is CVE-2022-32835?

CVE-2022-32835 is a vulnerability found in the Watch app for Apple iOS and watchOS.

Q: What is the severity of CVE-2022-32835?

The severity of CVE-2022-32835 is not specified in the provided information.

Q: How was CVE-2022-32835 addressed?

CVE-2022-32835 was addressed with improved entitlements.

Q: Which versions of Apple iOS and watchOS are affected by CVE-2022-32835?

CVE-2022-32835 affects Apple iOS versions up to exclusive version 16 and Apple watchOS versions up to exclusive version 9.

Q: Where can I find more information about CVE-2022-32835?

More information about CVE-2022-32835 can be found on the following Apple support pages: [Link 1](https://support.apple.com/en-us/HT213446), [Link 2](https://support.apple.com/en-us/HT213486).

Published Sep 12, 2022

Updated

This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An app may be able to read a persistent device identifier.

Other sources

Watch app. This issue was addressed with improved entitlements.

— Apple

Credit

Guilherme Rambo(Best Buddy Apps)

Affected Software

4 affected componentsFixes available

Apple WatchOS<9

Apple iOS<16

Apple iPhone OS<16.0

Apple WatchOS<9.0

Event History

Nov 1, 2022

CVE Published

via MITRE·12:00 AM

Data Sourced

via MITRE·12:00 AM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Frequently Asked Questions

What is CVE-2022-32835?

CVE-2022-32835 is a vulnerability found in the Watch app for Apple iOS and watchOS.

What is the severity of CVE-2022-32835?

The severity of CVE-2022-32835 is not specified in the provided information.

How was CVE-2022-32835 addressed?

CVE-2022-32835 was addressed with improved entitlements.

Which versions of Apple iOS and watchOS are affected by CVE-2022-32835?