Cyber Resilience

CVE-2022-32917

Severity: High · CISA KEV · Active Exploitation · EUVD Exploited

Published: 20 September 2022
Modified: 23 October 2025
KEV Added: 14 September 2022
Patch: available
CVSS v3.1 Score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0092 (76.4th percentile)
Risk Priority: 36 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2022-32917 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Apple macOS. Its CVSS base score is 7.8 (High).

Operationally, it ranks in the top 23.6% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2022-32917 is an out-of-bounds write vulnerability (CWE-787) that was addressed through improved bounds checks. It affects multiple Apple platforms, specifically macOS Monterey prior to version 12.6, iOS and iPadOS prior to 15.7, iOS prior to 16, and macOS Big Sur prior to 11.7. The flaw carries a CVSS score of 7.8 and could allow an application to execute arbitrary code with kernel privileges.

A local attacker who can execute an application on a vulnerable device may exploit the issue to gain arbitrary code execution at kernel level, resulting in complete system compromise without requiring user interaction.

Apple has published fixes in the versions noted above, along with corresponding security advisories that list the affected components and updated builds. Full disclosure entries on public mailing lists reference the same patches and confirm the scope of remediation.

Apple has stated it is aware of reports indicating the vulnerability may have been actively exploited in the wild. The associated EPSS score shows only minor fluctuation between its current value of 0.0092 and its peak of 0.0146.


Vulnerability details

The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

CWE(s): CWE-787 (Out-of-bounds Write)
KEV Date Added: 14 September 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: apple, Product: ipados, Versions: ≤ 15.7
Vendor: apple, Product: iphone os, Versions: ≤ 15.7
Vendor: apple, Product: macos, Versions: 11.0 to 11.7, 12.0.0 to 12.6

Mitigating Controls (NIST 800-53 r5)

Prevent (SI-10, Information Input Validation): Directly implements the improved bounds checking that prevents the out-of-bounds write (CWE-787) from being triggered by untrusted input.

Prevent (SI-16, Memory Protection): Enforces memory protection mechanisms that block unauthorized writes outside allocated buffers, stopping the kernel-privilege escalation path.

Prevent (vendor patching): Requires timely installation of the vendor patches that add the missing bounds checks on the affected macOS and iOS releases.
