You are currently viewing Apple Addressed High Severity Flaws in macOS, iOS – Patch Now

Apple Addressed High Severity Flaws in macOS, iOS – Patch Now

Two high severity zero-day flaws tracked as “CVE-2022-22674” and “CVE-2022-22675” have been reported in Apple macOS and iOS. Apple has released patches for these two zero-day CVEs affecting macOS and iOS. The vulnerability was found in Apple macOS and iOS up to 15.4.0 (Smartphone Operating System) and is classified as critical.

“Apple is aware of a report that this issue may have been actively exploited.” It refers to what it describes as an “Out of bounds read and write” flaw. An anonymous researcher is known to have identified the flaw.

Zero days CVEs

These CVEs are the fourth and fifth zero-day vulnerabilities found in Apple this year. In January 2022,  Apple patched two zero-day flaws that involved code execution flaws—also issued one patch for high severity WebKit flaw that allows an attacker to use malicious web content to execute malicious code.

Affected Products: macOS, iOS

Affected version: macOS, iOS up to 15.4.0

CVE: CVE-2022-22674

Available for: macOS Monterey

Description: An out-of-bounds read issue in Intel Graphic Driver may lead to the disclosure of kernel memory and was addressed with improved input validation, which can be actively exploited.

Impact: Successful exploitation may allow attackers to read kernel memory. The manipulation with an unknown input may lead to memory corruption vulnerability.

Severity: High

CVE: CVE-2022-22675

Available for: macOS Monterey

Description: An out-of-bounds write issue was addressed with improved bounds checking. This issue affects an unknown code of the component AppleAVD.

Impact: Successful exploitation may allow attackers to execute arbitrary code with kernel privileges.

Severity: High

SanerNow VM and SanerNow PM detect these vulnerabilities and automatically fix them by applying security updates. Use SanerNow and keep your systems updated and secure.

0 0 votes
Article Rating
Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments