Active Exploit for iOS, iPadOS and macOS allowing Root Access – CVE-2022-32894 and CVE-2022-32893

Aug 20, 2022

Make sure your devices are always patched and up to date. Apple has reported on Wednesday a serious out of bounds write issue that affects iOS, iPadOS and macOS. They’ve created a CVE for it, but have not yet filed the details.

This exploit is actively being used in combination with a Webkit exploit. It allows injection via the Safari browser (theoretically, this exploit may be available on Linux as well through the KDE project’s Konqueror browser). The associated CVE has been created, but the details have not yet been filed.

The exploit affects:

  • iPhone 6s or later
  • iPad Pro (all models)
  • iPad Air 2 and later
  • iPad 5th gen and later
  • iPad mini 4 and later
  • iPod Touch 7th gen

It can be patched by updating to iOS 15.6.1 or iPadOS 15.6.1.

For macOS, this exploit can be patched by updating to Monterey 12.5.1.

Looking for an IT company, or have a problem today that requires a quick solution?

Let us help guide you on the easy stuff and do the heavy lifting on the more difficult stuff.

Complete the form below and one of our team will help you out.

Recent Posts

Major Online Password Service Compromised

LastPass has been compromised. It's good that they're disclosing it in relatively short order. You might say it was the keys to the kingdom that were stolen. Someone pilfered 'portions' of their source code, and some proprietary technical information. It has not been...

read more

Thought Your Files Were Safe in the Cloud?

Security experts have advocated for years that you should have your Office 365 and/or Google Workplace files backed up to a third party backup service. You run the risk of getting hit by ransomware, a rogue employee can delete or corrupt your flies, or someone can...

read more