CVE-2022-32802

HIGH

Apple Ipados < 15.6 - Denial of Service

Title source: rule

Description

A logic issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, tvOS 15.6, macOS Monterey 12.5. Processing a maliciously crafted file may lead to arbitrary code execution.

References (3)

[Release Notes, Vendor Advisory] https://support.apple.com/en-us/HT213342

[Release Notes, Vendor Advisory] https://support.apple.com/en-us/HT213345

[Release Notes, Vendor Advisory] https://support.apple.com/en-us/HT213346

Scores

CVSS v3 7.8

EPSS 0.0012

EPSS Percentile 30.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-693

Status published

Affected Products (4)

apple/ipados < 15.6

apple/iphone_os < 15.6

apple/macos < 12.5

apple/tvos < 15.6

Timeline

Published Sep 20, 2022

Tracked Since Feb 18, 2026