CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Nov 10, 2025
CVE-2022-48503
Apple macOS, iOS, tvOS, Safari, and watchOS contain an unspecified vulnerability in JavaScriptCore that when processing web content may lead to arbitrary code execution. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.
Required Action
https://support.apple.com/en-us/HT213340 ; https://support.apple.com/en-us/HT213341 ; https://support.apple.com/en-us/HT213342 ; https://support.apple.com/en-us/HT213345 ; https://support.apple.com/en-us/HT213346 ; https://nvd.nist.gov/vuln/detail/CVE-2022-48503
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- Oct 20, 2025
- KEV Added
- Oct 20, 2025
- Due Date
- Nov 10, 2025
- Related Articles
- 0
Vendor
Apple
Multiple Products