{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-42805","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","assignerShortName":"apple","dateUpdated":"2025-04-21T16:18:28.195Z","dateReserved":"2022-10-11T00:00:00.000Z","datePublished":"2022-12-15T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2022-12-15T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"An integer overflow was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges."}],"affected":[{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","lessThan":"12.5","status":"affected","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","lessThan":"15.6","status":"affected","versionType":"custom"}]}],"references":[{"url":"https://support.apple.com/en-us/HT213345"},{"url":"https://support.apple.com/en-us/HT213346"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"An app may be able to execute arbitrary code with kernel privileges"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T13:19:04.668Z"},"title":"CVE Program Container","references":[{"url":"https://support.apple.com/en-us/HT213345","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213346","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-190","lang":"en","description":"CWE-190 Integer Overflow or Wraparound"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.8,"attackVector":"LOCAL","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"REQUIRED","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-04-21T16:17:26.725541Z","id":"CVE-2022-42805","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-04-21T16:18:28.195Z"}}]}}