Cyber Resilience

CVE-2022-43454

High

Published: 10 March 2025

Published
10 March 2025
Modified
24 March 2025
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0005 17.2th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-43454 is a high-severity Double Free (CWE-415) vulnerability in Apple Ipados. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 17.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2022-43454 is a double free vulnerability (CWE-415) addressed through improved memory management in Apple's operating systems. It affects macOS Ventura prior to version 13.1, watchOS prior to 9.2, iOS prior to 16.2, iPadOS prior to 16.2, and tvOS prior to 16.2. The issue enables an app to execute arbitrary code with kernel privileges, earning a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

A local attacker with no privileges required can exploit this vulnerability with low complexity, though it necessitates user interaction. Successful exploitation allows arbitrary kernel code execution, resulting in high impacts to confidentiality, integrity, and availability within the local attack surface.

Apple security advisories, including those at https://support.apple.com/en-us/102741, https://support.apple.com/en-us/102807, https://support.apple.com/en-us/102808, and https://support.apple.com/en-us/102836, confirm the issue was fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2, iPadOS 16.2, and tvOS 16.2. Mitigation requires updating affected devices to these patched versions.

EU & UK References

Vulnerability details

A double free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An app may be able to execute arbitrary code with kernel privileges.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Double-free memory corruption enables arbitrary kernel code execution from a local app, directly mapping to exploitation for privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2024-54517Same product: Apple Ipados
CVE-2026-20687Same product: Apple Ipados
CVE-2025-24107Same product: Apple Ipados
CVE-2024-54468Same product: Apple Ipados
CVE-2024-54522Same product: Apple Ipados
CVE-2026-20698Same product: Apple Ipados
CVE-2026-20700Same product: Apple Ipados
CVE-2026-20628Same product: Apple Ipados
CVE-2025-43520Same product: Apple Ipados
CVE-2026-28995Same product: Apple Ipados

Affected Assets

apple
ipados
≤ 16.2
apple
iphone os
≤ 16.2
apple
macos
≤ 13.1
apple
tvos
≤ 16.2
apple
watchos
≤ 9.2

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires identifying, prioritizing, and applying patches for the double free vulnerability as fixed in the specified OS updates.

prevent

Implements memory protection mechanisms such as ASLR and DEP that directly mitigate exploitation of double free vulnerabilities to arbitrary kernel code execution.

prevent

Enforces process isolation to limit a user app's ability to compromise kernel memory or execute privileged code via the double free.

References