Vulnerability Alert: Apple Releases Security for Zero-Day Vulnerabilities Exploited by Attackers
What You Need to Know:
Apple released security updates for vulnerabilities found in iOS, iPadOS, MacOS Big Sur, and macOS Monterey. CVE-2022-32894 and CVE-2022-32893 are zero-day flaws that have code execution vulnerabilities being exploited by attackers in the wild. There are few details surrounding the vulnerabilities or how they were used, but the flaws are believed to be exploited for targeted attacks.
CVE-2022-32894 is an out-of-bounds write issue that allows attackers to execute arbitrary code with kernel privileges, ultimately taking over an entire system. CVE-2022-32893 is a WebKit flaw that allows attackers to execute arbitrary code through maliciously crafted web content. WebKit is a browser engine that powers Safari and other iOS web browsers. The bug can be triggered by processing maliciously crafted web content, which can then lead to arbitrary code execution.
Apple released updates to patch both vulnerabilities:
• iOS 15.6.1
• iPadOS 15.6.1
• macOS 12.5.1
• Safari 15.6.1 for macOS Big Sur and Catalina
• Other macOS versions will receive updates at a later date
All users affected by CVE-2022-32983 and CVE-2022-32984 should implement the security updates as soon as possible.
Please patch your device as soon as possible. You can find guidance on security updates at the links below:
Indicators of Compromise (IoCs):
While Apple products are not widely used at an enterprise level, these devices could supply an attack vector to company executives. Towerwall is raising awareness among our customers to patch this vulnerability before it is too late.
- Apple fixes exploited zero-days: Update your devices! (CVE-2022-32894, CVE-2022-32893) – Help Net Security
- About the security content of Safari 15.6.1 – Apple Support
- New macOS 12.5.1 and iOS 15.6.1 updates patch “actively exploited” vulnerabilities [Updated] | Ars Technica
- Apple patches double zero-day in browser and kernel – update now! – Naked S (sophos.com)
If you have any questions about this vulnerability or your information security needs, please contact me directly at 774-204-0700.