Cyber Resilience

CVE-2022-42827

HighCISA KEVActive ExploitationEUVD Exploited

Published: 01 November 2022

Published
01 November 2022
Modified
23 October 2025
KEV Added
25 October 2022
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0017 37.6th percentile
Risk Priority 36 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-42827 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Apple Iphone Os. Its CVSS base score is 7.8 (High).

Operationally, ranked at the 37.6th percentile by exploit likelihood (below the median); CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

An out-of-bounds write vulnerability addressed through improved bounds checking affects iOS and iPadOS. The flaw is present in versions prior to iOS 15.7.1 and iPadOS 15.7.1 as well as iOS 16.1 and iPadOS 16, and it carries a CVSS score of 7.8 under CWE-787. Successful exploitation allows an application to execute arbitrary code with kernel privileges.

A local attacker can trigger the issue without special privileges when a user interacts with a malicious application, resulting in full control over the kernel and the ability to compromise confidentiality, integrity, and availability. Apple has stated that the vulnerability may have been actively exploited in the wild.

Apple security updates HT213489 and HT213490 resolve the issue by shipping the corrected versions of iOS and iPadOS. The vulnerability is also listed in CISA’s Known Exploited Vulnerabilities catalog, confirming real-world exploitation. Its EPSS score rose from a low baseline to a peak of 0.0100, indicating that exploitation interest increased after public disclosure.

EU & UK References

Vulnerability details

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An application may be able to execute arbitrary code with kernel privileges. Apple is aware…

more

of a report that this issue may have been actively exploited..

CWE(s)
KEV Date Added
25 October 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

apple
ipados
≤ 15.7.1
apple
iphone os
≤ 15.7.1 · 16.0 — 16.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires timely installation of the vendor patches (iOS 15.7.1/16.x) that add the missing bounds checks and eliminate the out-of-bounds write.

prevent

Mandates memory-protection mechanisms that would have blocked or contained the out-of-bounds write before it could corrupt kernel memory.

prevent

Enforces separate execution domains between user-space apps and kernel code, limiting the ability of a malicious app to reach and exploit the vulnerable kernel component.

References