First published: Mon Mar 14 2022(Updated: )
A user interface issue was addressed. This issue is fixed in watchOS 8.5, Safari 15.4. Visiting a malicious website may lead to address bar spoofing.
Credit: Abdullah Md Shaleh take0verAbdullah Md Shaleh take0ver product-security@apple.com product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Safari | <15.4 | |
Apple watchOS | <8.5 | |
Apple Safari | <15.4 | 15.4 |
Apple watchOS | <8.5 | 8.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2022-22654 is a vulnerability in Safari and watchOS that allows address bar spoofing when visiting a malicious website.
The severity of CVE-2022-22654 is medium, with a severity value of 4.3.
To fix CVE-2022-22654, update to watchOS 8.5 or Safari 15.4 or later versions.
You can find more information about CVE-2022-22654 in the Apple support articles: [link 1](https://support.apple.com/en-us/HT213187) and [link 2](https://support.apple.com/en-us/HT213193).