CVE-2022-26771

HIGH

watchOS <8.6-tvOS <15.5-iOS <15.5-iPadOS <15.5 - Memory Corruption

Title source: llm
STIX 2.1

Description

A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 8.6, tvOS 15.5, iOS 15.5 and iPadOS 15.5. A malicious application may be able to execute arbitrary code with kernel privileges.

References (3)

Core 3
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213258
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213253
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213254

Scores

CVSS v3 7.8
EPSS 0.0096
EPSS Percentile 57.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-787
Status published
Products (4)
apple/ipados < 15.5
apple/iphone_os < 15.5
apple/tvos < 15.5
apple/watchos < 8.6
Published May 26, 2022
Tracked Since Feb 18, 2026