PT-2022-7264 · Apple · Apple Macos+4
Adam M
·
Published
2022-12-13
·
Updated
2024-08-14
·
CVE-2022-48618
CVSS v3.1
7.0
High
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
macOS versions prior to 13.1
watchOS versions prior to 9.2
iOS versions prior to 16.2
iPadOS versions prior to 16.2
tvOS versions prior to 16.2
Description
The issue is related to a bug in the kernel component that can bypass "pointer authentication." An attacker with arbitrary read and write capability may be able to exploit this issue. Apple is aware of a report that this issue may have been exploited against versions of iOS released before iOS 15.7.1.
Recommendations
For macOS versions prior to 13.1, update to macOS Ventura 13.1.
For watchOS versions prior to 9.2, update to watchOS 9.2.
For iOS versions prior to 16.2, update to iOS 16.2.
For iPadOS versions prior to 16.2, update to iPadOS 16.2.
For tvOS versions prior to 16.2, update to tvOS 16.2.
Fix
Improper Authentication
Time Of Check To Time Of Use
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Apple Macos
Ios
Ipados
Tvos
Watchos