CVE-2022-32832

MEDIUM

Apple Ipados < 15.6 - Denial of Service

Title source: rule

Description

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges.

Exploits (2)

nomisec WORKING POC 96 stars

by Muirey03 · poc

https://github.com/Muirey03/CVE-2022-32832

View Code ZIP pw:eip

nomisec WORKING POC 2 stars

by AkbarTrilaksana · poc

https://github.com/AkbarTrilaksana/CVE-2022-32832

View Code ZIP pw:eip

References (6)

Core 6

Core References

Vendor Advisory x_refsource_misc

https://support.apple.com/en-us/HT213345

Vendor Advisory x_refsource_misc

https://support.apple.com/en-us/HT213340

Vendor Advisory x_refsource_misc

https://support.apple.com/en-us/HT213342

Vendor Advisory x_refsource_misc

https://support.apple.com/en-us/HT213346

Vendor Advisory x_refsource_misc

https://support.apple.com/en-us/HT213344

Vendor Advisory x_refsource_misc

https://support.apple.com/en-us/HT213343

Scores

CVSS v3 6.7

EPSS 0.0890

EPSS Percentile 92.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

Status published

Products (7)

apple/ipados < 15.6

apple/iphone_os < 15.6

apple/mac_os_x 10.15.7 security_update_2020-001 (12 CPE variants)

apple/macos 10.15.7 (2 CPE variants)

apple/macos < 10.15.7

apple/tvos < 15.6

apple/watchos < 8.7

Published Sep 23, 2022

Tracked Since Feb 18, 2026