CVE-2022-32894
PUBLISHED
KEV
CVSS 7.8 HIGH
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
EPSS 0.33% · 56.4th percentile
Risk Scores
CVSS 3.1
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.33%
56.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| apple | macos | 12.0, 11.0 |
| Apple | macOS | unspecified |
| Apple | iOS and iPadOS | unspecified |
| apple | ipados | 0 |
| apple | watchos | 0 |
| apple | iphone_os | 0 |
Exploit Intelligence
- CIRCL exploited: CVE-2022-32894 (circl-sighting)
- CIRCL seen: CVE-2022-32894 (circl-sighting)
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-32894 (circl)
- https://support.apple.com/kb/HT213443 (circl)
- https://support.apple.com/kb/HT213486 (circl)
- 20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7 (circl)
- 20221030 APPLE-SA-2022-10-27-13 watchOS 9 (circl)
…and 33 more exploits
Timeline
- Aug 17, 2022 PoC Published
- Aug 18, 2022 CISA KEV Added
- Aug 18, 2022 PoC Published
- Aug 24, 2022 CVE Published
- Aug 25, 2022 EPSS Score
- Aug 30, 2022 EPSS Score
- Oct 10, 2022 EPSS Score
- Nov 24, 2022 EPSS Score
- Jan 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 10, 2023 EPSS Score
- May 26, 2023 EPSS Score
References
- https://support.apple.com/kb/HT213443 url
- https://support.apple.com/en-us/HT213412 url
- https://support.apple.com/en-us/HT213413 url
- 20220831 APPLE-SA-2022-08-31-1 iOS 12.5.6 mailing-list
- https://support.apple.com/kb/HT213486 url
- 20221030 APPLE-SA-2022-10-27-13 watchOS 9 mailing-list
- 20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7 mailing-list
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-32894 url
- https://nvd.nist.gov/vuln/detail/CVE-2022-32894 advisory
- https://support.apple.com/fr-fr/HT213413 advisory
- https://support.apple.com/fr-fr/HT213412 advisory
- https://support.apple.com/en-us/HT213443 advisory
- https://support.apple.com/en-us/HT213445 advisory
- https://support.apple.com/en-us/HT213442 advisory
- https://support.apple.com/en-us/HT213444 advisory
- https://support.apple.com/en-us/HT213446 advisory