Pointer Authentication Bypass in Apple Products
CVE-2022-48618
Key Information:
- Vendor
Apple
- Vendor
- CVE Published:
- 9 January 2024
Badges
What is CVE-2022-48618?
The vulnerability involves an issue with pointer authentication checks in certain Apple operating systems, allowing an attacker with arbitrary read and write capabilities to potentially bypass the security mechanism designed to protect against unauthorized access. This vulnerability has been identified in earlier versions of iOS before iOS 15.7.1, and Apple has released updates to address this issue in macOS Ventura 13.1 and other product iterations. Users are encouraged to update their devices to the latest versions to mitigate the risk associated with this vulnerability.
CISA has reported CVE-2022-48618
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2022-48618 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
iOS and iPadOS < 16.2
macOS < 13.1
tvOS < 16.2
References
CVSS V3.1
Timeline
- ๐พ
Exploit known to exist
- ๐ฆ
CISA Reported
Vulnerability published
Vulnerability Reserved