CVE-2022-48618

CVSS 3.1 Score 7.0 of 10 (high)

Details

Published Jan 9, 2024

Updated: Aug 14, 2024

CWE ID 367

Summary

CVE-2022-48618 is a vulnerability affecting Apple's macOS, watchOS, iOS, and iPadOS, as well as tvOS. This issue allows an attacker with arbitrary read-write capability to bypass Pointer Authentication, potentially gaining unauthorized access. Apple has addressed this vulnerability in the latest updates of these operating systems, including macOS Ventura 13.1, watchOS 9.2, iOS 16.2, and iPadOS 16.2, as well as tvOS 16.2. It is known that this issue may have been exploited in previous versions of iOS before 15.7.1.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apple (iPhone OS)
tvOS
Apple Watch
iPadOS
Apple TV

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uCzioT
https://www.cve.org/CVERecord?id=CVE-2022-48618
https://nvd.nist.gov/vuln/detail/CVE-2022-48618

Back to Vulnerability Database