First published: Mon Mar 14 2022(Updated: )
A logic issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4. An attacker in a privileged network position may be able to leak sensitive user information.
Credit: George Chen Kaidi PayPal product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iPadOS | <15.4 | |
Apple iPhone OS | <15.4 | |
Apple iOS | <15.4 | 15.4 |
Apple iPadOS | <15.4 | 15.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2022-22659 is a vulnerability in NetworkExtension that was addressed with improved state management.
CVE-2022-22659 affects Apple iOS (up to version 15.4) and Apple iPadOS (up to version 15.4).
The severity of CVE-2022-22659 is not provided in the information available.
To fix CVE-2022-22659, update your Apple iOS and iPadOS devices to version 15.4 or later.
You can find more information about CVE-2022-22659 on the Apple support website: https://support.apple.com/en-us/HT213182