{"vulnerability": "CVE-2022-3287", "sightings": [{"uuid": "f87ffdbf-a23e-43ec-8246-71ee2b515b25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32870", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15047", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32870\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A logic issue was addressed with improved state management. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user with physical access to a device may be able to use Siri to obtain some call history information.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T03:35:22.647Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213446\n2. https://support.apple.com/en-us/HT213488\n3. https://support.apple.com/en-us/HT213486", "creation_timestamp": "2025-05-06T04:20:19.000000Z"}, {"uuid": "5f6f0b02-36ff-4c62-bb2f-173915e4fad6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32877", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15120", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32877\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Monterey 12.6. An app may be able to access user-sensitive data.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T14:10:33.246Z\n\ud83d\udd17 References:\n1. https://support.apple.com/kb/HT213446\n2. https://support.apple.com/en-us/HT213443\n3. https://support.apple.com/en-us/HT213444", "creation_timestamp": "2025-05-06T14:21:29.000000Z"}, {"uuid": "95fc1d6d-6538-4099-a816-ed6d2d457434", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32879", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15199", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32879\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, tvOS 16. A user with physical access to a device may be able to access contacts from the lock screen.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T19:01:22.732Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213446\n2. https://support.apple.com/en-us/HT213445\n3. https://support.apple.com/en-us/HT213488\n4. https://support.apple.com/en-us/HT213486\n5. https://support.apple.com/en-us/HT213487", "creation_timestamp": "2025-05-06T19:21:17.000000Z"}, {"uuid": "611db445-bb21-4ff8-b532-cc524f2c18b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32875", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15119", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32875\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6. An app may be able to read sensitive location information.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T14:12:29.484Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213446\n2. https://support.apple.com/en-us/HT213443\n3. https://support.apple.com/en-us/HT213444\n4. https://support.apple.com/en-us/HT213488\n5. https://support.apple.com/en-us/HT213486", "creation_timestamp": "2025-05-06T14:21:27.000000Z"}, {"uuid": "ec81375d-9567-48b5-814e-7260a0f79d62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32876", "type": "seen", "source": "https://t.me/cibsecurity/68520", "content": "\u203c CVE-2022-32876 \u203c\n\nA logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13. A shortcut may be able to view the hidden photos album without authentication.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-15T02:20:10.000000Z"}, {"uuid": "05eba04b-b30f-472f-9c8b-caf518d9b1f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32871", "type": "seen", "source": "https://t.me/cibsecurity/61792", "content": "\u203c CVE-2022-32871 \u203c\n\nA logic issue was addressed with improved restrictions. This issue is fixed in iOS 16. A person with physical access to a device may be able to use Siri to access private calendar information\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-10T22:23:07.000000Z"}, {"uuid": "88f40229-80d6-4a9f-abd4-d26630a50237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3287", "type": "seen", "source": "https://t.me/cibsecurity/50633", "content": "\u203c CVE-2022-3287 \u203c\n\nWhen creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-29T00:34:38.000000Z"}]}