
New Apple Zero-day vulnerabilities actively exploited

Reference: Advisory #2022-21
Version: 1.0
Affected software:
macOS versions prior to 12.5.1
iOS versions prior to 15.6.1
iPadOS versions prior to 15.6.1
Type: Remote Code Execution (RCE)
CVE/CVSS:
CVE-2022-32894
CVE-2022-32893

Sources

https://support.apple.com/en-us/HT201222

https://support.apple.com/en-us/HT213412

Risks

Apple released a security update for macOS, iOS, and iPadOS devices addressing two zero-day vulnerabilities that are currently being exploited in the wild. These vulnerabilities could allow an attacker to execute arbitrary code on a victim's system.

Description

CVE-2022-32894 could allow an application to execute arbitrary code with kernel privileges. This could result in a complete compromise of the system, because the kernel is a core part of the system and runs with very high privileges.

CVE-2022-32893 is a vulnerability in WebKit that enables maliciously crafted web content to execute arbitrary code on a system. An attacker could infect a victim by sending them a link to this malicious web content; the infection occurs if the victim clicks on that link.

Recommended Actions

The Centre for Cyber Security Belgium recommends that administrators check whether they have any of the Apple devices listed above. If so, the CCB strongly recommends making sure that the latest updates are installed as soon as possible.
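
One way to run the check recommended above across a fleet, as an added example that is not part of the original advisory: it compares each device in an inventory export against the fixed versions listed under "Affected software". The CSV column names, hostnames and sample rows are constructed for illustration.

```python
import csv
import io

# First fixed releases, taken from the advisory's "Affected software" list.
FIXED = {"macos": (12, 5, 1), "ios": (15, 6, 1), "ipados": (15, 6, 1)}

# Constructed sample inventory (hypothetical hostnames and column names),
# standing in for an MDM or asset-database export.
SAMPLE_INVENTORY = """hostname,os,version
mac-finance-01,macOS,12.5
mac-dev-07,macOS,12.5.1
iphone-legacy-02,iOS,9.3.5
iphone-sales-03,iOS,15.6
iphone-exec-01,iOS,16.0
ipad-kiosk-04,iPadOS,15.6.1
ipad-store-09,iPadOS,unknown
win-hr-11,Windows,10.0.19044
"""


def parse_version(text):
    """Turn '15.6' into (15, 6, 0) so versions compare numerically.

    Comparing the raw strings would rank '9.3.5' above '15.6.1'.
    """
    parts = [int(p) for p in text.strip().split(".")]  # ValueError if not numeric
    return tuple(parts + [0] * (3 - len(parts)))


def classify(os_name, version):
    """Return 'patched', 'needs-update', 'unknown-version' or 'not-in-scope'."""
    fixed = FIXED.get(os_name.strip().lower())
    if fixed is None:
        return "not-in-scope"
    try:
        return "patched" if parse_version(version) >= fixed else "needs-update"
    except ValueError:
        return "unknown-version"  # flag for manual follow-up, never a silent pass


def audit(inventory_csv):
    """Map each hostname in the CSV text to its classification."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["hostname"]: classify(r["os"], r["version"]) for r in rows}


if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host:18} {status}")
```

Devices reported as `unknown-version` should be checked by hand rather than assumed to be up to date.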

References

https://www.bleepingcomputer.com/news/security/apple-security-updates-fix-2-zero-days-used-to-hack-iphones-macs/