CVE-2022-43454
Published: 10 March 2025
Summary
CVE-2022-43454 is a high-severity Double Free (CWE-415) vulnerability in Apple iPadOS. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 17.2 percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2022-43454 is a double free vulnerability (CWE-415) addressed through improved memory management in Apple's operating systems. It affects macOS Ventura prior to version 13.1, watchOS prior to 9.2, iOS prior to 16.2, iPadOS prior to 16.2, and tvOS prior to 16.2. The issue enables an app to execute arbitrary code with kernel privileges, earning a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
The attack vector is local: an attacker needs no privileges and attack complexity is low, but exploitation requires user interaction. Successful exploitation allows arbitrary kernel code execution, with high impact on confidentiality, integrity, and availability.
Apple security advisories, including those at https://support.apple.com/en-us/102741, https://support.apple.com/en-us/102807, https://support.apple.com/en-us/102808, and https://support.apple.com/en-us/102836, confirm the issue was fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2, iPadOS 16.2, and tvOS 16.2. Mitigation requires updating affected devices to these patched versions.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-55161
Vulnerability details
A double free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An app may be able to execute arbitrary code with kernel privileges.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Double-free memory corruption enables arbitrary kernel code execution from a local app, directly mapping to exploitation for privilege escalation.
Mitigating Controls (NIST 800-53 r5)
Directly requires identifying, prioritizing, and applying patches for the double free vulnerability as fixed in the specified OS updates.
Implements memory protection mechanisms such as ASLR and DEP that directly mitigate exploitation of double free vulnerabilities to arbitrary kernel code execution.
Enforces process isolation to limit a user app's ability to compromise kernel memory or execute privileged code via the double free.