CVE-2022-32821

HIGH

iPadOS < 15.6 - Out-of-bounds Write

Title source: llm
STIX 2.1

Description

A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.

References (4)

Core 4
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213345
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213340
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213342
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213346

Scores

CVSS v3 7.8
EPSS 0.0015
EPSS Percentile 35.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-787
Status published
Products (5)
apple/ipados < 15.6
apple/iphone_os < 15.6
apple/macos 12.0 - 12.5
apple/tvos < 15.6
apple/watchos < 8.7
Published Sep 23, 2022
Tracked Since Feb 18, 2026