Apple has released security updates to address vulnerabilities in multiple products. The updates include patches for the zero-day vulnerability tracked as CVE-2022-32917. CVE-2022-32917 could allow an attacker to perform arbitrary code execution with kernel privileges.

Apple have stated in their security advisories that they are aware of a report claiming the possible exploitation of the zero-day vulnerability.

PoC Released for CVE-2022-32898

A proof-of-concept (PoC) exploit code is now available for CVE-2022-32898. This vulnerability could allow an application to perform arbitrary code execution with kernel privileges.

Threat updates

Date	Update
1 Dec 2022	PoC Released for CVE-2022-32898 This Cyber Alert has been updated to reflect that there has been a public proof-of-concept released for CVE-2022-32898.

Remediation advice

Affected organisations are encouraged to review the following Apple security advisory and apply any relevant updates or workarounds.

Remediation steps

Type	Step
Patch	macOS Big Sur 11.7 \| HT213443 https://support.apple.com/kb/HT213443
Patch	macOS Monterey 12.6 \| HT213444 https://support.apple.com/en-us/HT213444
Patch	iOS 15.7 and iPadOS 15.7 \| HT213445 https://support.apple.com/kb/HT213445
Patch	iOS 16 \| HT213446 https://support.apple.com/en-us/HT213446

Definitive source of threat updates

https://support.apple.com/en-us/HT201222

CVE Vulnerabilities

Status Reserved

CVE-2022-32917

Status Published

CVE-2022-32898

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13, watchOS 9. An app may be able to execute arbitrary code with kernel privileges.

Last edited: 1 December 2022 1:43 pm