
Two Zero-Day Vulnerabilities Surfaced by Apple

On Wednesday, August 17, Apple released security updates for iOS, iPadOS, and macOS platforms to remediate two zero-day vulnerabilities that had been exploited by attackers to compromise its line of devices.

The first, CVE-2022-32893, is an out-of-bounds issue discovered in WebKit. This vulnerability could lead to the execution of arbitrary code by processing specially crafted web content on a compromised or malicious site. Successful exploitation can then lead to complete control of the target system, data destruction, or exfiltration of sensitive information.

The second is CVE-2022-32894. This one’s another out-of-bounds issue, but this time in the operating system's kernel. A malicious application could exploit it to execute arbitrary code with the highest privileges by writing data past the end of the intended buffer, leading to corruption of data, crashing of the kernel, or code execution within the kernel.

Recommended remediation

It is advised that users patch their products immediately:

  • macOS Monterey 12.5.1: for macOS Monterey

  • iOS 15.6.1: for iPhone 6s and later

  • iPadOS 15.6.1: for iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Further, we advise users to enable their automatic software updates. You can do so by going to Settings > General > Software Updates > Enable Automatic Updates.

According to The Hacker News, both vulnerabilities have been fixed in iOS 15.6.1, iPadOS 15.6.1, and macOS Monterey 12.5.1.

The iOS and iPadOS updates are out for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
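To check a fleet against the fixed releases listed above, the following added example (not code from Automox or Apple) triages a device inventory. The inventory records, host names and status labels are constructed for illustration; devices on a major release this page does not mention are flagged for a check against the vendor advisory rather than assumed patched.

```python
# Added example: triage an inventory against the fixed releases named in this article.

# First patched version per platform, as stated in the article.
FIXED = {"macOS": (12, 5, 1), "iOS": (15, 6, 1), "iPadOS": (15, 6, 1)}

def parse_version(text):
    """Turn '15.6' into (15, 6, 0) so versions compare numerically, not as strings."""
    parts = [int(p) for p in text.strip().split(".")]  # ValueError on non-numeric input
    if not 1 <= len(parts) <= 3:
        raise ValueError("unexpected version format: %r" % text)
    return tuple(parts + [0] * (3 - len(parts)))

def classify(platform, version):
    """Return a status label (labels are this example's own, not a standard)."""
    fixed = FIXED.get(platform)
    if fixed is None:
        return "unknown-platform"
    try:
        found = parse_version(version)
    except ValueError:
        return "unparseable"
    if found[0] != fixed[0]:
        # The article only names fixes for macOS 12 and iOS/iPadOS 15.
        return "check-vendor-advisory"
    return "patched" if found >= fixed else "needs-update"

def triage(inventory):
    """Group host names by status, preserving inventory order."""
    report = {}
    for device in inventory:
        status = classify(device["platform"], device["version"])
        report.setdefault(status, []).append(device["host"])
    return report

# Constructed sample inventory (hypothetical hosts and reported versions).
INVENTORY = [
    {"host": "mbp-014", "platform": "macOS", "version": "12.5"},
    {"host": "mbp-022", "platform": "macOS", "version": "12.5.1"},
    {"host": "iphone-07", "platform": "iOS", "version": "15.6"},
    {"host": "ipad-03", "platform": "iPadOS", "version": "15.6.1"},
    {"host": "imac-02", "platform": "macOS", "version": "11.6.8"},
    {"host": "kiosk-01", "platform": "iOS", "version": "beta"},
]

if __name__ == "__main__":
    for status, hosts in sorted(triage(INVENTORY).items()):
        print("%-22s %s" % (status, ", ".join(hosts)))
```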

Apple counts six zero-day vulnerabilities in 2022 so far

Since the start of the year, Apple has seen six zero-day vulnerabilities (including the two today).

  1. There was the IOMobileFrameBuffer vulnerability. CVE-2022-22587 meant a malicious application was potentially able to execute arbitrary code with kernel privileges.

  2. In WebKit, CVE-2022-22620 meant that processing maliciously crafted web content could lead to arbitrary code execution.

  3. Within Intel Graphics Driver, CVE-2022-22674 meant an application could potentially read kernel memory.

  4. And finally, there was the AppleAVD vulnerability. CVE-2022-22675 could’ve allowed an application to execute arbitrary code with kernel privileges.

Critical 24 hours ahead

Both vulnerabilities are seeing significant interest from cyber threat researchers and will likely be a target for attackers over the next few days. The race is on to patch and remediate these vulnerabilities within your organization.

Automox recommends patching macOS to Monterey 12.5.1, iOS 15.6.1, and iPadOS 15.6.1 as soon as possible to reduce exposure to these zero-days.
