CVE-2022-32792

HIGH

iPadOS < 15.6 - Out-of-bounds Write

Title source: llm
STIX 2.1

Description

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution.

References (5)

Core 5
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213345
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213340
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213342
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213346
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213341

Scores

CVSS v3 8.8
EPSS 0.0030
EPSS Percentile 53.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-787
Status published
Products (5)
apple/ipados < 15.6
apple/iphone_os < 15.6
apple/macos 12.0 - 12.5
apple/tvos < 15.6
apple/watchos < 8.7
Published Sep 23, 2022
Tracked Since Feb 18, 2026