Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Sep 8, 2022

CVE-2022-32893

High
EPSS 0.2%CISA KEV
Apple/iOS and macOS

Description

Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow for remote code execution when processing malicious crafted web content.

EPSS — Exploit Probability

0.2%

Higher than 37.1% of all CVEs

Required Action

https://support.apple.com/en-gb/HT213412, https://support.apple.com/en-gb/HT213413; https://nvd.nist.gov/vuln/detail/CVE-2022-32893

Related Articles (1)

Malware & Threats

iPhone Users Urged to Update to Patch 2 Zero-Days

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.

Aug 19, 2022

Risk Assessment

ELEVATED
In CISA KEV

Details

Severity
High
EPSS
0.2%
CISA KEV
Yes
Ransomware
Unknown
Articles
1

Timeline

Published

Aug 18, 2022

Added to KEV

Aug 18, 2022

Remediation Due

Sep 8, 2022

Affected Product

Apple

iOS and macOS

View all Apple CVEs

External Links

NVD (NIST)CVE DetailsMITRE CVE