Description
The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing.
References (13)
Scores
CVSS v3
6.1
EPSS
0.0052
EPSS Percentile
67.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-1021
Status
published
Products (11)
apple/ipados
< 16.0
apple/iphone_os
< 16.1
apple/macos
< 13.0
apple/safari
< 16.1
apple/tvos
< 16.1
apple/watchos
< 9.1
debian/debian_linux
10.0
debian/debian_linux
11.0
fedoraproject/fedora
35
fedoraproject/fedora
36
... and 1 more
Published
Nov 01, 2022
Tracked Since
Feb 18, 2026