PT-2022-3651 · Apple · Ipados+6
Published
2022-03-31
·
Updated
2022-12-14
·
CVE-2022-22675
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
macOS versions prior to 11.6.6
macOS Monterey versions prior to 12.3.1
iOS versions prior to 15.4.1
iPadOS versions prior to 15.4.1
tvOS versions prior to 15.5
watchOS versions prior to 8.6
Description
The issue is related to an out-of-bounds write problem in the AppleAVD component, which can allow an application to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. The problem is addressed with improved bounds checking.
Recommendations
For macOS Big Sur, update to version 11.6.6 to resolve the issue.
For macOS Monterey, update to version 12.3.1 to resolve the issue.
For iOS, update to version 15.4.1 to resolve the issue.
For iPadOS, update to version 15.4.1 to resolve the issue.
For tvOS, update to version 15.5 to resolve the issue.
For watchOS, update to version 8.6 to resolve the issue.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apple Macos
Ios
Ipados
Macos Big Sur
Macos Monterey
Tvos
Watchos