CVE-2022-42849
First published: Tue Dec 13 2022(Updated: )
Software Update. An access issue existed with privileged API calls. This issue was addressed with additional restrictions.
Credit: Mickey Jin @patch1t Mickey Jin @patch1t Mickey Jin @patch1t product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| <16.2 | 16.2 | |
| <16.2 | 16.2 | |
| <16.2 | 16.2 | |
| Apple watchOS | <9.2 | 9.2 |
| Apple iPadOS | <16.2 | |
| Apple iPhone OS | <16.2 | |
| Apple tvOS | <16.2 | |
| Apple watchOS | <9.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://seclists.org/fulldisclosure/2022/Dec/20
- http://seclists.org/fulldisclosure/2022/Dec/26
- https://support.apple.com/en-us/HT213530 (Advisory)
- https://support.apple.com/en-us/HT213535 (Advisory)
- https://support.apple.com/en-us/HT213536 (Advisory)
- https://support.apple.com/kb/HT213535
- https://support.apple.com/kb/HT213536
- https://support.apple.com/kb/HT213530
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2022-46717
- CVE-2022-42843
- CVE-2022-46694
- CVE-2022-42865
- CVE-2022-42848
- CVE-2022-42859
- CVE-2022-46720
- CVE-2022-46702
- CVE-2022-42850
- CVE-2022-42846
- CVE-2022-46710
- CVE-2022-46693
- CVE-2022-42851
- CVE-2022-42864
- CVE-2022-46690
- CVE-2022-42837
- CVE-2022-46689
- CVE-2022-46701
- CVE-2022-42842
- CVE-2022-42861
- CVE-2022-42844
- CVE-2022-42845
- CVE-2022-48618
- CVE-2022-42839
- CVE-2022-46716
- CVE-2022-32943
- CVE-2022-42840
- CVE-2022-42855
- CVE-2022-42862
- CVE-2022-46695
- CVE-2022-42849
- CVE-2022-46718
- CVE-2022-46703
- CVE-2022-42866
- CVE-2022-32919
- CVE-2022-42856
- CVE-2022-46725
- CVE-2022-46705
- CVE-2022-42867
- CVE-2022-46691
- CVE-2022-46692
- CVE-2022-42852
- CVE-2022-46696
- CVE-2022-46700
- CVE-2022-46698
- CVE-2022-46699
- CVE-2022-42863
- CVE-2022-40303
- CVE-2022-40304
Frequently Asked Questions
What is CVE-2022-42849?
CVE-2022-42849 is a vulnerability related to an access issue with privileged API calls in various Apple software, including iOS, iPadOS, watchOS, and tvOS.
How does CVE-2022-42849 affect Apple devices?
CVE-2022-42849 affects Apple devices running iOS up to version 16.2, iPadOS up to version 16.2, watchOS up to version 9.2, and tvOS up to version 16.2.
What is the severity of CVE-2022-42849?
The severity of CVE-2022-42849 is not mentioned in the provided information.
How can I fix CVE-2022-42849?
To fix CVE-2022-42849, you should update your Apple device to the latest available software version.
Where can I find more information about CVE-2022-42849?
You can find more information about CVE-2022-42849 on the Apple support website. References: [1](https://support.apple.com/en-us/HT213530), [2](https://support.apple.com/en-us/HT213536), [3](https://support.apple.com/en-us/HT213535).
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- collector/apple-support
- source/Apple
- agent/software-canonical-lookup-request
- agent/software-canonical-lookup
- collector/nvd-index
- vendor/apple
- canonical/apple ios
- canonical/apple ipados
- canonical/apple tvos
- canonical/apple watchos
- canonical/apple iphone os