Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Nov 10, 2025

CVE-2022-48503

High
EPSS 0.3%CISA KEV
Apple/Multiple Products

Description

Apple macOS, iOS, tvOS, Safari, and watchOS contain an unspecified vulnerability in JavaScriptCore that when processing web content may lead to arbitrary code execution. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

EPSS — Exploit Probability

0.3%

Higher than 55.1% of all CVEs

Required Action

https://support.apple.com/en-us/HT213340 ; https://support.apple.com/en-us/HT213341 ; https://support.apple.com/en-us/HT213342 ; https://support.apple.com/en-us/HT213345 ; https://support.apple.com/en-us/HT213346 ; https://nvd.nist.gov/vuln/detail/CVE-2022-48503

Related Articles (1)

Industry News

Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1

Google uncovered Coruna iOS exploit kit with 23 exploits across five chains targeting iPhones running iOS 13–17.2.1.

Mar 4, 2026

Risk Assessment

ELEVATED
In CISA KEV

Details

Severity
High
EPSS
0.3%
CISA KEV
Yes
Ransomware
Unknown
Articles
1

Timeline

Published

Oct 20, 2025

Added to KEV

Oct 20, 2025

Remediation Due

Nov 10, 2025

Affected Product

Apple

Multiple Products

View all Apple CVEs

External Links

NVD (NIST)CVE DetailsMITRE CVE