VAR-202201-0561 — Vulnetix

VAR-202201-0561 PUBLISHED CVSS 9.800000190734863 CRITICAL

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, macOS Big Sur 11.6.3, macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..

Risk Scores

CVSS v3.1

9.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Apple	iOS and iPadOS	unspecified
Apple	macOS	unspecified, *

Timeline

Aug 24, 2021 CVE Published
Jan 27, 2022 PoC Published
Jun 14, 2023 PoC Published
Dec 24, 2024 PoC Published
Feb 23, 2025 PoC Published
Feb 2, 2026 PoC Published

References

https://support.apple.com/en-us/HT213053 url
https://support.apple.com/en-us/HT213054 url
https://support.apple.com/en-us/HT213055 url
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22587 url

Open in Interactive Console →