Vulnerability in Apple Icloud For Windows
CVE-2022-46698
A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose se…
EPSS: 0.011 (78.7th percentile) — read the EPSS interpretation.
Affected products
- Apple Icloud For Windows — versions unspecified
- Apple Tvos — versions unspecified
- Apple Watchos — versions unspecified
Public proof-of-concept exploits
References
- support.apple.com/en-us/HT213535
- support.apple.com/en-us/HT213532
- support.apple.com/en-us/HT213538
- support.apple.com/en-us/HT213530
- support.apple.com/en-us/HT213536
- support.apple.com/en-us/HT213537
- 20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2 (mailing-list)
- 20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1 (mailing-list)
- 20221220 APPLE-SA-2022-12-13-7 tvOS 16.2 (mailing-list)
- 20221220 APPLE-SA-2022-12-13-9 Safari 16.2 (mailing-list)
Frequently asked questions
- What is CVE-2022-46698?
- CVE-2022-46698 is a vulnerability in Apple Icloud For Windows. Published 2022-12-15.
- Is CVE-2022-46698 known to be exploited?
- 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.