The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has alerted about the active exploitation of a high-severity vulnerability affecting iOS, iPadOS, macOS, tvOS, and watchOS. Tracked as CVE-2022-48618 with a CVSS score of 7.8, the flaw resides in the kernel component, allowing an attacker with arbitrary read and write capabilities to potentially bypass Pointer Authentication. Apple addressed the issue with improved checks in versions released after iOS 15.7.1. Despite patches being released on December 13, 2022, the vulnerability was only publicly disclosed on January 9, 2024. CISA recommends applying fixes by February 21, 2024, for Federal Civilian Executive Branch agencies. This follows Apple’s recent expansion of patches for an actively exploited WebKit flaw to include its Apple Vision Pro headset.
ABOUT US
Owlysec is an important source of information in the field of cybersecurity. It provides its readers with the latest developments in cybersecurity through current news and analyses compiled from reliable sources. Its goal is to increase cybersecurity awareness and create awareness of security threats in the digital world. Stay up-to-date, stay safe - follow the cyber world closely with Owlysec!
Kontakt: [email protected]
FOLLOW US
© 2024 Alle Rechte vorbehalten. Layout & technische Umsetzung: Webagentur in Gelsenkirchen – webpen.de