CVE-2022-32917
Published: 20 September 2022
Summary
CVE-2022-32917 is a high-severity out-of-bounds write (CWE-787) vulnerability in Apple macOS (the same flaw is fixed in iOS and iPadOS). Its CVSS base score is 7.8 (High).
Its EPSS exploit likelihood places it in the top 23.6% of all CVEs, and CISA has added it to the Known Exploited Vulnerabilities (KEV) catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2022-32917 is an out-of-bounds write (CWE-787) in Apple's kernel that was addressed with improved bounds checks. It affects macOS Monterey before 12.6, macOS Big Sur before 11.7, and iOS and iPadOS before 15.7; the fix is also included in iOS 16, which shipped alongside those updates. The flaw carries a CVSS score of 7.8 and allows an application to execute arbitrary code with kernel privileges.
The attack vector is local: an attacker who can already run an application on the device (for example a malicious or compromised app) can exploit the issue to gain code execution in the kernel, which amounts to complete compromise of the device. No further user interaction is required once the application is running.
Apple has published fixes in the versions noted above, along with corresponding security advisories that list the affected components and updated builds. Full disclosure entries on public mailing lists reference the same patches and confirm the scope of remediation.
Apple's advisory states that it is aware of a report that the vulnerability may have been actively exploited in the wild. The EPSS score has stayed low and fairly stable (currently 0.0092, peak 0.0146). EPSS estimates the probability of observed exploitation activity, so for prioritization the KEV listing and Apple's own exploitation statement are the stronger signals here.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-35983
Vulnerability details
The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
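As a practical check against the fixed releases listed above, here is an added example (not part of the original page, and not Apple tooling) that classifies a product/version pair as fixed or vulnerable for this CVE. Assumptions that the page does not state: a release newer than the listed fix within the same major line, and any later major line, is treated as fixed; a major line with no listed fix (macOS 10.x, iOS 14 and earlier) is reported as "no-fix-listed" rather than guessed at. The product names are this script's own convention; `sw_vers` is the macOS command that prints the running version, and for iOS/iPadOS the version would come from an MDM inventory instead.

```shell
#!/bin/sh
# Added example: patch-level check for CVE-2022-32917 (not from the original
# page or from Apple). Fixed releases per the advisory text:
#   macOS Big Sur 11.7, macOS Monterey 12.6, iOS/iPadOS 15.7, iOS 16.
# Assumptions (not stated on the page): a release newer than the listed fix in
# the same major line, or any later major line, carries the fix; a major line
# with no listed fix (e.g. macOS 10.x, iOS 14) is reported as "no-fix-listed".

# version_ge A B: succeed if dotted version A >= B, compared numerically
# component by component (missing components count as 0, so 16 == 16.0).
version_ge() {
    a="$1."; b="$2."
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; a=${a#*.}
        y=${b%%.*}; b=${b#*.}
        x=${x:-0}; y=${y:-0}
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
    done
    return 0
}

# cve_2022_32917_status PRODUCT VERSION
#   PRODUCT: macos | ios | ipados   VERSION: dotted, e.g. 12.5.1
#   prints: fixed / vulnerable / no-fix-listed / unknown-product
#   exit status: 0 fixed, 1 vulnerable, 2 cannot decide from the advisory
cve_2022_32917_status() {
    product="$1"; ver="$2"
    major=${ver%%.*}
    case "$product" in
    macos)
        case "$major" in
        11) fixed=11.7 ;;
        12) fixed=12.6 ;;
        1[3-9]|[2-9][0-9]) echo fixed; return 0 ;;   # assumed: later majors include the fix
        *) echo no-fix-listed; return 2 ;;
        esac ;;
    ios|ipados)
        case "$major" in
        15) fixed=15.7 ;;
        16) fixed=16 ;;                               # iOS 16.0 itself is listed as fixed
        1[7-9]|[2-9][0-9]) echo fixed; return 0 ;;   # assumed: later majors include the fix
        *) echo no-fix-listed; return 2 ;;
        esac ;;
    *) echo unknown-product; return 2 ;;
    esac
    if version_ge "$ver" "$fixed"; then
        echo fixed; return 0
    else
        echo vulnerable; return 1
    fi
}

# On a Mac, check the running host (sw_vers ships with macOS):
#   cve_2022_32917_status macos "$(sw_vers -productVersion)"
```

The comparison is done component by component rather than as a string so that 12.10 would sort after 12.6; the "no-fix-listed" outcome is deliberate, because a host on a release Apple did not patch should be flagged for review, not silently marked safe.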
- CWE(s): CWE-787 (Out-of-bounds Write)
- KEV Date Added: 14 September 2022
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): covers the improved bounds checking that stops the out-of-bounds write (CWE-787) from being triggered by attacker-controlled input.
- SI-16 (Memory Protection): kernel hardening and memory-protection mechanisms raise the cost of turning an out-of-bounds write into kernel code execution; they are defence in depth and do not substitute for the patch.
- SI-2 (Flaw Remediation): requires timely installation of the vendor patches that add the missing bounds checks on the affected macOS, iOS and iPadOS releases.