Published: 01/11/2022 Updated: 09/01/2023

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. A shortcut may be able to check the existence of an arbitrary path on the file system.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple macos
apple ipados
apple iphone os

CVE-2022-32938 PoC for a vulnerability that I found in Apple Shortcuts Fixed in iOS 161 and macOS 13 Ventura To be added

CVE-2022-32938 A parsing issue in the handling of directory paths was addressed with improved path validation This issue is fixed in iOS 161 and iPadOS 16, macOS Ventura 13 A shortcut may be able to check the existence of an arbitrary path on the file system authentication complexity vector not available not available not available confidentiality integrity ava

NVD-CWE-noinfo https://support.apple.com/en-us/HT213488 https://support.apple.com/en-us/HT213489 https://github.com/iCMDgithub/CVE-2022-32938 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-32938

Vulnerability Summary

Most Upvoted Vulmon Research Post

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect