PT-2022-1534 · Apple+7 · iPadOS+13
Published: 2021-09-18 · Updated: 2025-08-25
CVE-2022-22620
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Safari versions prior to 15.3
iOS versions prior to 15.3.1
iPadOS versions prior to 15.3.1
macOS Monterey versions prior to 12.2.1
PS4 versions 6.xx through 9.xx
PS5 versions 1.xx through 5.xx
Description
A use-after-free vulnerability in the WebKit component can be triggered when maliciously crafted web content is processed, leading to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. The vulnerability was initially fixed in 2013 but was reintroduced in 2016, leaving it open for 5 years.
Recommendations
For Safari versions prior to 15.3, update to version 15.3 or later.
For iOS versions prior to 15.3.1, update to version 15.3.1 or later.
For iPadOS versions prior to 15.3.1, update to version 15.3.1 or later.
For macOS Monterey versions prior to 12.2.1, update to version 12.2.1 or later.
For PS4 versions 6.xx through 9.xx, consider disabling the WebKit component until a patch is available.
For PS5 versions 1.xx through 5.xx, consider disabling the WebKit component until a patch is available.
As a temporary workaround, consider restricting access to malicious web content to minimize the risk of exploitation.
Exploit
Fix
Use After Free
Affected Products
AlmaLinux
Astra Linux
CentOS
Apple macOS
PS4
PS5
Red Hat
Rocky Linux
Safari
SUSE
WebKit
iOS
iPadOS
macOS Monterey