Apple Products Multiple Vulnerabilities
RISK: Extremely High Risk
TYPE: Operating Systems - Mobile & Apps
Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution on the targeted system.
CVE-2022-32893 and CVE-2022-32894 are being exploited in the wild.
CVE-2022-32893 vulnerability can exploit the WebKit that allows crafted web content to run arbitrary code on the targeted system.
CVE-2022-32894 vulnerability can exploit the Kernel that allows malicious apps to run arbitrary code with kernel privileges on the targeted system.
[Updated on 2022-09-01] Apple Inc. released security patch for iOS 12 regarding to CVE-2022-32893, and iOS 12 is not impacted by CVE-2022-32894. "Solutions" and "System / Technologies affected" section has been updated.
- Remote Code Execution
System / Technologies affected
- Versions prior to macOS Monterey 12.5.1
- Versions prior to iOS 15.6.1
- Versions prior to iOS 12.5.6
- Versions prior to iPadOS 15.6.1
Before installation of the software, please visit the vendor web-site for more details.
- macOS Monterey 12.5.1
- iOS 15.6.1
- iOS 12.5.6
- iPadOS 15.6.1