CVE-2022-48618
Published: 09 January 2024
Summary
CVE-2022-48618 is a high-severity Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367) vulnerability in Apple iPadOS; the same flaw is fixed in iOS, macOS Ventura, watchOS and tvOS. Its CVSS base score is 7.0 (High).
Operationally, it is ranked at the 29.8th percentile by exploit likelihood (below the median); CISA has nevertheless added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2022-48618 is a Pointer Authentication bypass that Apple addressed with improved checks across several of its operating systems. The affected releases are macOS Ventura prior to 13.1, watchOS prior to 9.2, iOS and iPadOS prior to 16.2, and tvOS prior to 16.2. The flaw is tracked under CWE-367 and carries a CVSS 3.1 base score of 7.0; the score reflects a local attack vector and the high attack complexity of first obtaining the memory primitives described below.
An attacker who already possesses arbitrary read and write primitives in a process can use the weakness to bypass Pointer Authentication, the hardware-backed control-flow protection that would otherwise stop a memory corruption primitive from being turned into code execution. Defeating it is the step that converts read/write access into full control of the compromised process, with impacts to confidentiality, integrity, and availability.
Apple's security advisories for the listed updates state that the issue was resolved with improved checks and recommend installing the updates. The vendor also states that it is aware of a report that the vulnerability may have been exploited in the wild against iOS versions released before iOS 15.7.1.
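The affected and fixed releases above lend themselves to a fleet check. The following is an added example, not code from this page, from the tracker or from Apple: it classifies inventory records against the fixed versions named in the advisory and reports which devices still need the update. The inventory records, device names and build strings are constructed for illustration, and the function names (`assess`, `scan`, `vulnerable_devices`) are illustrative, not an API of any real tool.

```python
"""Fleet check for CVE-2022-48618 against the fixed releases named in the
vendor advisory.  Added example; inventory data below is constructed."""

from typing import NamedTuple

# Fixed releases as listed in the advisory.  For macOS the advisory names
# only Ventura (13.x), so that check is restricted to the 13 branch; for the
# other products every release below the fixed version counts as affected.
# Second tuple element: the only major version the advisory covers, or None.
FIXED_RELEASES = {
    "macOS":   ("13.1", 13),
    "watchOS": ("9.2", None),
    "iOS":     ("16.2", None),
    "iPadOS":  ("16.2", None),
    "tvOS":    ("16.2", None),
}


def parse_version(text: str) -> tuple:
    """'16.1.1' -> (16, 1, 1).  A trailing build identifier such as
    '16.2 (20C65)' is ignored.  Components are compared numerically, so
    '16.10' correctly sorts after '16.2'."""
    core = text.strip().split()[0]
    return tuple(int(part) for part in core.split("."))


def compare_versions(a: tuple, b: tuple) -> int:
    """Component-wise comparison with zero padding, so (16, 2) == (16, 2, 0).
    Returns -1, 0 or 1."""
    width = max(len(a), len(b))
    a = a + (0,) * (width - len(a))
    b = b + (0,) * (width - len(b))
    return (a > b) - (a < b)


def assess(product: str, version: str) -> str:
    """Classify one device as 'vulnerable', 'fixed' or 'not covered'.

    'not covered' means this advisory says nothing about the product or
    branch (e.g. macOS 12.x, or a product not listed).  Such devices need a
    separate check; they must not be reported as safe."""
    entry = FIXED_RELEASES.get(product)
    if entry is None:
        return "not covered"
    fixed_text, only_major = entry
    have = parse_version(version)
    fixed = parse_version(fixed_text)
    if only_major is not None and have[0] != only_major:
        return "not covered"
    return "vulnerable" if compare_versions(have, fixed) < 0 else "fixed"


class Device(NamedTuple):
    name: str
    product: str
    version: str


def scan(inventory) -> dict:
    """Map each device name to its status for this CVE."""
    return {d.name: assess(d.product, d.version) for d in inventory}


def vulnerable_devices(inventory) -> list:
    """Names of devices that must be updated, sorted for stable output."""
    return sorted(name for name, status in scan(inventory).items()
                  if status == "vulnerable")


# Constructed sample inventory (not real devices).
SAMPLE_INVENTORY = [
    Device("phone-01",  "iOS",     "16.1.1"),
    Device("phone-02",  "iOS",     "16.2"),
    Device("phone-03",  "iOS",     "15.7"),            # inside the in-the-wild range
    Device("tablet-01", "iPadOS",  "16.2.1"),
    Device("mac-01",    "macOS",   "13.0.1 (22A400)"), # build id is ignored
    Device("mac-02",    "macOS",   "12.6.1"),          # Monterey: not named by the advisory
    Device("watch-01",  "watchOS", "9.2"),
    Device("tv-01",     "tvOS",    "16.1"),
]

if __name__ == "__main__":
    for name, status in scan(SAMPLE_INVENTORY).items():
        print(f"{name:10s} {status}")
    print("update now:", vulnerable_devices(SAMPLE_INVENTORY))
```

Version strings in the shape the check expects come from an MDM export or, on a Mac, from `sw_vers -productVersion`. The "not covered" outcome is deliberate: a macOS 12 host is older than every release the advisory names, but the advisory does not say it is affected, so the check refuses to call it either vulnerable or safe.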
The current EPSS score remains low at 0.0011 with no indicated upward trajectory. The KEV listing records confirmed exploitation, so it, not the EPSS estimate, should set the remediation priority for this CVE.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-51313
Vulnerability details
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited against versions of iOS released before iOS 15.7.1.
- CWE(s): CWE-367 (Time-of-check Time-of-use Race Condition)
- KEV Date Added: 31 January 2024
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
- macOS Ventura before 13.1
- watchOS before 9.2
- iOS before 16.2
- iPadOS before 16.2
- tvOS before 16.2
Mitigating Controls (NIST 800-53 r5)
- SI-16 (Memory Protection): directly implements memory protection mechanisms such as Pointer Authentication, the exact mechanism this CVE bypasses; the control only holds once the patched checks are in place.
- SI-2 (Flaw Remediation): requires timely installation of the vendor updates (macOS Ventura 13.1, watchOS 9.2, iOS and iPadOS 16.2, tvOS 16.2) that added the improved checks fixing CVE-2022-48618.
- Hardware-based protection features: covers hardware-backed protections such as Pointer Authentication. This CVE is a bypass of that feature, not a failure of the hardware itself, so the control reduces the attacker's options but does not substitute for the patch.