Apple Memory Corruption Vulnerability (CVE-2022-22587)
Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can allow a malicious application to execute arbitrary code with kernel privileges.
A remote attacker, without authentication, can achieve full data confidentiality loss, arbitrary modification of data, complete denial of service or system unavailability. Federal agencies are required to remediate by 2022-02-11 under CISA BOD 22-01.
This is a Out-of-bounds Write (CWE-787) vulnerability in Apple iOS and macOS. A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, macOS Big Sur 11.6.3, macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.. Exploitation requires remote network access, low attack complexity, no authentication required, and no user interaction required.
📧
Phishing link
🖼
Malicious file
🔓
Server compromised
Probably yes if any of these apply:
CISA added this CVE to the Known Exploited Vulnerabilities catalog on 2022-01-28 based on evidence of active exploitation in the wild. Federal agencies required to remediate by 2022-02-11.
Manual remediation steps
No tested PowerShell script for this entry yet. We’re prioritising automation based on user demand.