VDB
CVE-2022-22666
CVE-2022-22666
PUBLISHED
CVSS 7.800000190734863 HIGH
A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, watchOS 8.5. Processing a maliciously crafted image may lead to heap corruption.
EPSS 0.27% · 50.3th percentile
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.27%
50.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| apple | tvos | 0 |
| Apple | watchOS | unspecified |
| apple | iphone_os | 0 |
| Apple | iOS and iPadOS | unspecified |
| Apple | tvOS | unspecified |
| apple | watchos | 0 |
| apple | ipados | 0 |
Exploit Intelligence
- https://support.apple.com/en-us/HT213182 (circl)
- https://support.apple.com/en-us/HT213193 (circl)
- https://support.apple.com/en-us/HT213186 (circl)
- http://packetstormsecurity.com/files/167144/AppleVideoDecoder-CreateHeaderBuffer-Out-Of-Bounds-Free.html (circl)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- SUSP_Base64_Encoded_Exploit_Indicators_Dec21_RID3732.yar (github-yara)
- SUSP_Base64_Encoded_Exploit_Indicators_Dec21_RID3732.yar (github-yara)
…and 106 more exploits
Timeline
- Jun 28, 2021 PoC Published
- Dec 11, 2021 PoC Published
- Dec 13, 2021 PoC Published
- Mar 15, 2022 CVE Published
- Mar 19, 2022 EPSS Score
- May 9, 2022 EPSS Score
- Jun 7, 2022 PoC Published
- Jun 29, 2022 EPSS Score
- Aug 20, 2022 EPSS Score
- Sep 16, 2022 PoC Published
- Oct 10, 2022 EPSS Score
- Dec 1, 2022 EPSS Score
References
- https://support.apple.com/en-us/HT213186 advisory
- https://support.apple.com/en-us/HT213193 advisory
- https://support.apple.com/fr-fr/HT213191 advisory
- https://support.apple.com/fr-fr/HT213182 advisory
- https://support.apple.com/fr-fr/HT213184 advisory
- https://support.apple.com/fr-fr/HT213185 advisory
- https://support.apple.com/fr-fr/HT213183 advisory
- https://support.apple.com/fr-fr/HT213188 advisory
- https://support.apple.com/fr-fr/HT213190 advisory
- https://support.apple.com/fr-fr/HT213193 advisory
- https://support.apple.com/fr-fr/HT213189 advisory
- https://support.apple.com/en-us/HT213182 url
- http://packetstormsecurity.com/files/167144/AppleVideoDecoder-CreateHeaderBuffer-Out-Of-Bounds-Free.html url
- https://nvd.nist.gov/vuln/detail/CVE-2022-22666 advisory