Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-32894
HistoryAug 24, 2022 - 8:15 p.m.

CVE-2022-32894

2022-08-2420:15:09
CWE-787
[email protected]
web.nvd.nist.gov
1

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

51.1%

JSON

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Affected configurations

NVD
Node
appleipadosRange<15.6.1
OR
appleiphone_osRange<15.6.1
OR
applemacosRange11.011.7
OR
applemacosRange12.012.5.1
OR
applewatchosRange<9.0

Related

cvelist 1
cve 1
cnvd 1
attackerkb 1
cisa_kev 1
prion 1
nessus 3
malwarebytes 4
openvas 2
thn 6
apple 5
talosblog 2
hivepro 1
threatpost 1
qualysblog 2
cvelist
cvelist
CVE-2022-32894
2022-08-24 00:00:00
cve
cve
CVE-2022-32894
2022-08-24 20:15:09
cnvd
cnvd
Apple OS out-of-bounds write vulnerability
2022-08-18 00:00:00
attackerkb
attackerkb
CVE-2022-32894
2022-08-24 00:00:00
cisa_kev
cisa_kev
Apple iOS and macOS Out-of-Bounds Write Vulnerability
2022-08-18 00:00:00
prion
prion
Design/Logic Flaw
2022-08-24 20:15:00
nessus
nessus
macOS 12.x < 12.5.1 (HT213413)
2022-08-19 00:00:00
Apple iOS < 15.6.1 Multiple Vulnerabilities (HT213412)
2022-08-19 00:00:00
macOS 11.x < 11.7 (HT213443)
2022-09-15 00:00:00
malwarebytes
malwarebytes
Apple releases security update for iPhones and iPads to address vulnerability
2022-09-01 19:00:00
Urgent update for macOS and iOS! Two actively exploited zero-days fixed
2022-08-18 10:00:00
CISA wants you to patch these actively exploited vulnerabilities before September 8
2022-08-22 15:00:00
openvas
openvas
Apple Mac OS X Security Update (HT213413)
2022-08-19 00:00:00
Apple Mac OS X Security Update (HT213443)
2022-09-13 00:00:00
thn
thn
Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability
2022-09-01 03:24:00
Apple Releases Security Updates to Patch Two New Zero-Day Vulnerabilities
2022-08-18 03:08:00
CISA Adds 7 New Actively Exploited Vulnerabilities to Catalog
2022-08-20 14:19:00
apple
apple
About the security content of iOS 12.5.6
2022-08-31 00:00:00
About the security content of iOS 15.6.1 and iPadOS 15.6.1
2022-08-17 00:00:00
About the security content of macOS Monterey 12.5.1
2022-08-17 00:00:00
talosblog
talosblog
Threat Source newsletter (Aug. 25, 2022) — We're still not talking about Ukraine enough
2022-08-25 18:00:00
Threat Source newsletter (Oct. 27, 2022): I thought we were already aware of supply chain attacks?
2022-10-27 18:00:06
hivepro
hivepro
Two Zero-day vulnerabilities in macOS BigSur
2022-09-14 13:58:43
threatpost
threatpost
iPhone Users Urged to Update to Patch 2 Zero-Days
2022-08-19 15:25:56
qualysblog
qualysblog
October 2022 Patch Tuesday | Microsoft Releases 84 Vulnerabilities with 13 Critical, plus 12 Microsoft Edge (Chromium-Based); Adobe Releases 4 Advisories, 29 Vulnerabilities with 17 Critical.
2022-10-11 20:00:00
September 2022 Patch Tuesday | Microsoft Releases 63 Vulnerabilities with 5 Critical, plus 16 Microsoft Edge (Chromium-Based); Adobe Releases 7 Advisories, 63 Vulnerabilities with 35 Critical.
2022-09-13 20:00:00

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

51.1%

JSON
Related for NVD:CVE-2022-32894
cvelist1cve1cnvd1attackerkb1cisa_kev1prion1nessus3malwarebytes4openvas2thn6apple5talosblog2hivepro1threatpost1qualysblog2