Vulnerabilities

Apple fixes actively exploited iOS, macOS zero-day (CVE-2022-22620)

Issued by: Help Net Security

Source
Advertisement


Another month, another zero-day (CVE-2022-22620) exploited in the wild that has been fixed by Apple.

About CVE-2022-22620

CVE-2022-22620 is a use after free issue in WebKit, the browser engine used in Safari and all iOS web browsers.

Apple fixed it in iOS 15.3.1 and iPadOS 15.3.1, macOS Monterey 12.2.1, and Safari 15.3.

“Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited,” the company noted in the security update release notes, and credited an anonymous researcher with reporting it.

Read more
You might also like
Vulnerabilities

Vulnerability in CocoaPods Dependency Manager Exposed Millions of Apps

Vulnerabilities

4 years since Sperctre vulnerability discovery | Kaspersky official blog

Vulnerabilities

Third-Party IoT Vulnerabilities: We Need a Cybersecurity Paradigm Shift

Vulnerabilities

HAProxy Vulnerability Leads to HTTP Request Smuggling

Advertisement