Detections
Analytics

CVE-2022-32893

high

Description

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

References

https://www.debian.org/security/2022/dsa-5220

https://www.debian.org/security/2022/dsa-5219

https://security.gentoo.org/glsa/202208-39

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKJGV2EXVMYQW3OAJNI4WUTKKVMD2YYK/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7SETAAXEPGNBMYKTUDFEZHS5LGSQ64QL/

https://lists.debian.org/debian-lts-announce/2022/08/msg00019.html

http://www.openwall.com/lists/oss-security/2022/09/13/1

http://www.openwall.com/lists/oss-security/2022/09/02/10

http://www.openwall.com/lists/oss-security/2022/08/29/2

http://www.openwall.com/lists/oss-security/2022/08/29/1

http://www.openwall.com/lists/oss-security/2022/08/26/2

http://www.openwall.com/lists/oss-security/2022/08/25/5

http://seclists.org/fulldisclosure/2022/Oct/49

http://seclists.org/fulldisclosure/2022/Aug/16

https://www.tenable.com/cyber-exposure/tenable-2022-threat-landscape-report

https://support.apple.com/en-us/HT213486

https://support.apple.com/en-us/103007

https://support.apple.com/en-us/103006

https://support.apple.com/en-us/103005

https://support.apple.com/en-us/HT213414

https://support.apple.com/en-us/HT213413

https://support.apple.com/en-us/HT213412

Details

Source: Mitre, NVD

Published: 2022-08-24

Updated: 2025-02-28

Known Exploited Vulnerability (KEV)

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00098