CVE-2022-22598

LOW

iPadOS < 15.4 - Unprotected Camera Metadata Exposure

Title source: llm
STIX 2.1

Description

An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access.

References (1)

Core 1
Core References
Release Notes, Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213182

Scores

CVSS v3 3.3
EPSS 0.0029
EPSS Percentile 20.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

Status published
Products (2)
apple/ipados < 15.4
apple/iphone_os < 15.4
Published Mar 18, 2022
Tracked Since Feb 18, 2026