NVD disclosure day

Published threat advisories for September 20, 2022

CVE-2022-32917

Apple Operating System Kernel Privilege Escalation

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

Apple operating systems may allow applications to execute arbitrary code with kernel privileges, potentially impacting data integrity and system control. Apple is aware of active exploitation. Risk is considered internal, requiring local application access for exploitation.

NVD published: September 20, 2022 • CISA KEV

CVE advisoryCRITICAL

CVE-2022-2177

Kayrasoft product allows attackers to steal customer data or take control of services.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Kayrasoft products before version 2 have a critical SQL injection flaw that lets unauthenticated attackers steal or change your data. Update now to prevent unauthorized access to sensitive information.

NVD published: September 20, 2022