Skip to main content

Apple Products Multiple Vulnerabilities

Last Update Date: 1 Sep 2022 Release Date: 18 Aug 2022 9165 Views

RISK: Extremely High Risk

TYPE: Operating Systems - Mobile & Apps

TYPE: Mobile & Apps

Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution on the targeted system.

 

Note:
CVE-2022-32893 and CVE-2022-32894 are being exploited in the wild.

CVE-2022-32893 vulnerability can exploit the WebKit that allows crafted web content to run arbitrary code on the targeted system.

CVE-2022-32894 vulnerability can exploit the Kernel that allows malicious apps to run arbitrary code with kernel privileges on the targeted system.

 

[Updated on 2022-09-01] Apple Inc. released security patch for iOS 12 regarding to CVE-2022-32893, and iOS 12 is not impacted by CVE-2022-32894. "Solutions" and "System / Technologies affected" section has been updated.


Impact

  • Remote Code Execution

System / Technologies affected

  • Versions prior to macOS Monterey 12.5.1
  • Versions prior to iOS 15.6.1
  • Versions prior to iOS 12.5.6
  • Versions prior to iPadOS 15.6.1

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:
  • macOS Monterey 12.5.1
  • iOS 15.6.1
  • iOS 12.5.6
  • iPadOS 15.6.1

Vulnerability Identifier


Source


Related Link