CVE-2022-46701

Published: 15/12/2022 Updated: 08/08/2023

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 0

The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2. Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple ipados
apple iphone os
apple tvos
apple macos

PoCs poc1 (SMB) Target: SMBClient-2311202 Discovered on 31/01/2022, reported on 02/02/2022 PoC tested on macOS 122 CVE assigned: CVE-2022-22651 (14/03/2022) poc2 (SMB) Target: SMBClient-286409 Discovered on 05/02/2022, reported on 16/03/2022 PoC tested on macOS 123 CVE assigned: CVE-2022-26723 (16/05/2022) poc3 (SMB) Target: SMBClient-2871012 Discovered on 05/05/20

CWE-20 https://support.apple.com/en-us/HT213532 https://support.apple.com/en-us/HT213530 https://support.apple.com/en-us/HT213535 http://seclists.org/fulldisclosure/2022/Dec/26 http://seclists.org/fulldisclosure/2022/Dec/20 http://seclists.org/fulldisclosure/2022/Dec/23 https://nvd.nist.gov https://github.com/felix-pb/remote_pocs

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-46701

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect