{"vulnerability": "CVE-2022-22633", "sightings": [{"uuid": "62e9cc5a-4fb4-4846-8d2e-b631a70596ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22633", "type": "seen", "source": "https://t.me/ashaburroyah313/187", "content": "{(D)enial(OFF)ensive(S)ervice[ToolKit]}-{by_(io=psy+/03c8.net)}\n\n===========================================================================\n\n[AI] Abducting target to extract interesting information... Be patient!\n\n======================\n\n -Target URL: https://hy.health.gov.il\n\n -IP    : 62.90.118.183\n -IPv6  : OFF\n -Port  : 443\n\n -Domain: hy.health.gov.il\n\n---------\n\nTrying single visit broadband test (using GET)...\n\n -Bytes in : 58.7 KB\n -Load time: 6.04 seconds\n\n---------\n\nDetermining webserver fingerprint (note that this value can be a fake)...\n\n -Banner: Microsoft-IIS/8.5\n -V\u00eda   : NOT found!\n\n---------\n\nSearching for extra Anti-DDoS protections...\n\n -WAF/IDS: FIREWALL NOT PRESENT (or not discovered yet)! ;-)\n\n---------\n\nSearching at CVE (https://cve.mitre.org) for vulnerabilities...\n\n -Last Reports:\n\n        + CVE-2022-35282 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35282\n\n        + CVE-2022-34336 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34336\n\n        + CVE-2022-34165 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34165\n\n        + CVE-2022-22670 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22670\n\n        + CVE-2022-22666 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22666\n\n        + CVE-2022-22654 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22654\n\n        + CVE-2022-22640 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22640\n\n        + CVE-2022-22638 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22638\n\n        + CVE-2022-22637 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22637\n\n        + CVE-2022-22633 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22633\n\n---------\n\n[Info] [AI] Abduction finished! -> [OK!]", "creation_timestamp": "2022-10-01T14:47:50.000000Z"}, {"uuid": "8b31d03e-7efe-4dae-b638-c28bdd826e11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22633", "type": "seen", "source": "https://t.me/true_secator/2732", "content": "\u041f\u043e\u0440\u0446\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u043e\u0442 Apple \u0432\u044b\u0448\u043b\u0430 \u0432 \u043f\u043e\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u0438\u043a \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c 39 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043d\u0430 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u0445 iOS/iPadOS.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0430\u0442\u0430\u043a\u0430\u043c \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430, \u0435\u0441\u043b\u0438 \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c iPhone \u043e\u0442\u043a\u0440\u043e\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b PDF \u0438\u043b\u0438 \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0438\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0432\u0435\u0431-\u043a\u043e\u043d\u0442\u0435\u043d\u0442.\n\n\u0412 \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u044b\u043c \u0434\u0435\u0432\u0430\u0439\u0441\u0430\u043c Apple \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f macOS (\u0432\u043a\u043b\u044e\u0447\u0430\u044f Catalina, Big Sur, Monterey), tvOS, WatchOS, iTunes \u0438 Xcode.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 iOS 15.4 \u0438 iPadOS 15.4 \u0440\u0435\u0448\u0430\u044e\u0442 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u0430\u043c\u044f\u0442\u0438 \u0432 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 \u041e\u0421, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Accelerate Framework, \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0439 ImageIO \u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0440\u0435\u043d\u0434\u0435\u0440\u0438\u043d\u0433\u0430 WebKit.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u0438\u0437 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f CVE-2022-22633 (Accelerate Framework), CVE-2022-22611 (ImageIO), CVE-2022-22610 (WebKit), CVE-2022-22624 \u0438 CVE- 2022-22628 \u043a\u0430\u0436\u0434\u0430\u044f \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f iOS \u0438 iPadOS \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u0432 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 \u041e\u0421, \u0432\u043a\u043b\u044e\u0447\u0430\u044f AVEVideoEncoder, CoreMedia, FaceTime, \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430, iTunes, \u044f\u0434\u0440\u0435, Sandbox, Siri \u0438 \u041f\u041e \u0434\u043b\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.", "creation_timestamp": "2022-03-15T15:50:00.000000Z"}, {"uuid": "b53c6488-0bf0-4695-9d4b-760c896cb48e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22633", "type": "seen", "source": "https://t.me/cibsecurity/39248", "content": "\u203c CVE-2022-22633 \u203c\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, macOS Monterey 12.3. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-18T21:28:58.000000Z"}]}