New Cyber Defense Brand DeepSeas to Unite Newly Acquired Commercial Managed Threat Services Business from Booz Allen Hamilton with Security On-Demand. Learn More

August 22, 2022

Threat Advisory: Apple Zero-Day Vulnerabilities

Sierra Kreutzer

(CVE-2022-32894 and CVE-2022-32893)

Event Summary

Apple is urging macOS, iPhone and iPad users to install the released update as soon as possible. The update includes fixes for two zero-days vulnerabilities under active attack. The patches are for vulnerabilities that allow attackers to execute arbitrary code and ultimately take over devices. Apple has released security updates for iOS, iPadOS, and macOS Monterey to fix these vulnerabilities.

Detail

Product Affected

Vulnerable Version

CVE-CVSS Associated

Risk / Details for vulnerability

Recommendations

iOS & iPadOS

<15.6.1*

iPhone 6s and later

for iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

CVE-2022-32893

High – Arbitrary code execution

Update systems with latest security patches

MacOS

<12.5.11*
MacOS Monterey

CVE-2022-32894

High – Arbitrary code execution

Update systems with latest security patches

*Versions prior to the latest version

SOD Actions

The Security On-Demand Threat Recon Unit will continue to monitor these events and provide relevant updates. Currently, we recommend applying vendor patches immediately. Users are also advised to enable automatic software updates by going to Settings > General > Software Updates > Enable Automatic Updates.

Our Threat Recon Unit will also keep track of any exploitation tool or PoC (Proof of Concept) that could leverage the usage of those vulnerabilities to exploit systems actively. Information about new IoCs and IoAs will continue to be included proactively as part of the ThreatWatch service’s monitoring mechanism on every service tier.

Please contact your Security On-Demand Customer Success Manager if you have any questions about this alert.

Additional Resources

SERVICES

ABOUT

SIGN-UP FOR FREE THREAT FLASH ALERTS

img.wp-smiley,img.emoji{display:inline !important;border:none !important;box-shadow:none !important;height:1em !important;width:1em !important;margin:0 .07em !important;vertical-align:-.1em !important;background:none !important;padding:0 !important;}#rs-demo-id{}body a{color:#333;font-family:"Droid sans";}body a:hover{color:#0897a5;}.rightsidegd .vc_gitem-post-data-source-post_date,.leftsidegd .vc_gitem-post-data-source-post_date{color:#ee2e24;margin-bottom:5px;font-size:14px;}.rightsidegd .vc_gitem_row .vc_gitem-col{padding:0;padding-bottom:10px;}.rightsidegd .vc_gitem-post-data-source-post_title,.leftsidegd .vc_gitem-post-data-source-post_title{color:#444;font-weight:600;}#mk-ornamental-title-4 h2.title,#mk-ornamental-title-5 h2.title{font-size:22px;}.sideform #gform_wrapper_10 label{display:none;}.sideform #input_10_2,.sideform #input_10_3{width:100%;}.vc_btn3.vc_btn3-color-juicy-pink,.vc_btn3.vc_btn3-color-juicy-pink.vc_btn3-style-flat{background-color:#eb312e !important;}@media only screen and (min-width:767px){.casest .mk-text-block{min-height:190px;}.whitepap .content-box-heading{min-height:78px;}.whitepap .mk-text-block{min-height:250px;}.servpage .content-box-heading{min-height:78px;}.servpage .mk-text-block{min-height:280px;}.casetabs .mk-text-block.padcnt{min-height:160px;}.mk-text-block.padcnt.actionbut{min-height:inherit !important;}.whtpapers .mk-text-block.padcnt{min-height:190px;}.whtpapers h2{min-height:80px;}.servbrif .mk-text-block.padcnt{min-height:240px;}.servbrif h2{min-height:60px;}.midlevelleft{left:-34px;}.midlevelright{right:-34px;}.threeeqlcolmn .vc_col-sm-4{width:31.33333333%;margin:0 1%;}}.smpleclue .vc_column-inner > .wpb_wrapper{box-shadow:0px 1px 3px #ccc;margin-bottom:30px;}.smpleclue .vc_column-inner .wpb_wrapper .wpb_single_image{border-bottom:6px solid red;}.smpleclue .vc_column-inner > .wpb_wrapper:hover,.leftsidegd .vc_grid-item.vc_col-sm-4 > .vc_grid-item-mini:hover,.smpleclue .vc_column-inner > a:hover + .wpb_wrapper{transform:translate(0,-2px);box-shadow:0 5px 10px rgba(0,0,0,.2),0 10px 20px rgba(0,0,0,.2);}.padcnt{padding:5px 15px;}.actionbut{text-align:right !important;}.call-act-but .left-tim .mk-button-container{text-align:right;}.call-act-but .rght-tim .mk-button-container{text-align:left;}.call-act-but{padding:50px 0px 30px;}#mk-button-18 .mk-button,#mk-button-20 .mk-button,#mk-button-29 .mk-button{text-transform:uppercase !important;}.mk-button--dimension-flat.text-color-dark{color:#0897a5;}.milestone-top span{color:#0897a5 !important;}#threebx .box-detail-wrapper{text-align:left;}.wtwp-testimonials-slider-wrp .slick-slider{background:transparent;}.wtwp-testimonials-slider-wrp h4{display:none;}.wptww-testimonials-slidelist.design-1 .fa-quote-left,.wptww-testimonials-list.design-1 .fa-quote-left,.wptww-testimonials-slide-widget.design-1 .fa-quote-left{color:#ee2e24;}.clientfeed{padding:80px 60px 30px;box-shadow:0px 0px 5px #bbb;border-radius:10px;}.wptww-testimonials-text p{font-size:18px !important;line-height:35px;padding:20px;}.wptww-quote{outline:none !important;}.wptww-testimonial-client{font-size:25px;text-transform:uppercase;padding:6px;}.sixboxlet .mk-box-icon.boxed-style .mk-main-ico .mk-svg-icon{width:50px !important;height:50px !important;}.sixboxlet .mk-box-icon.boxed-style .icon-box-boxed.left{margin-left:0;padding:30px 30px 30px 100px;background:none;border:none;box-shadow:6px 5px 30px 0px rgba(0,0,0,.12);}.sixboxlet .mk-box-icon.boxed-style .icon-box-boxed.left .mk-main-ico{left:15px;}.sixboxlet .mk-box-icon.boxed-style h4{margin-bottom:15px;font-size:22px !important;font-weight:600 !important;}.leftclmns,.rightclmns{padding:100px 60px;}.eq-level-box{overflow:inherit !important;}.leftclmns{border-top-right-radius:10px;}.rightclmns{background:#666;top:40px;border-bottom-left-radius:10px;padding-left:100px;}.leftclmns ul li,.rightclmns ul li{line-height:38px !important;color:#fff;}.rightclmns ul li{line-height:38px !important;color:#fff;}.rightclmns ul li .mk-svg-icon,.leftclmns ul li .mk-svg-icon{top:10px;}.home .mk-edge-custom-content h1 span strong{color:#fff !important;}.lr-column .vc_col-sm-6{padding:40px;}.vc_icon_element.vc_icon_element-outer .vc_icon_element-inner.vc_icon_element-size-xl .vc_icon_element-icon{font-size:12em !important;}.lr-column .vc_col-sm-6 .icon1-level{padding-top:28%;}.lr-column .vc_col-sm-6 .icon2-level{padding-top:22%;}.lr-column .vc_col-sm-6 .icon3-level{padding-top:32%;}.mk-process-steps ul li h3{font-size:20px !important;}.mk-process-steps.process-steps-3 .mk-process-icon svg{height:40px;}.mk-process-steps.process-steps-3 .mk-process-icon{width:100px;height:100px;}.mk-process-steps.process-steps-3 ul:before{top:60px;}.mk-process-steps ul:before{left:160px;width:70%;}#text-block-10{padding-right:40px;}#text-block-10 p{line-height:35px;font-size:16px;letter-spacing:1px;}.vc_icon_element.vc_icon_element-outer .vc_icon_element-inner.vc_icon_element-color-peacoc .vc_icon_element-icon{color:#0897a5;}.page-id-7769 .vc-hoverbox-block{background-image:none !important;}.page-id-7769 .vc-hoverbox-block.nitro-lazy{background-image:none !important;}.single-private-page .blog-single-title{display:inline-block;}.single-private-page #mk-page-introduce{display:none;}.single-private-page .fitpage{margin:0px;}.colorwht,.colorwht p{color:#fff;font-size:18pt;}.listsec-cnt h3{text-transform:capitalize !important;}.boxx-stlye .aio-icon-component.style_3{min-height:120px;border:1px solid #0897a5;}.boxx-stlye .aio-icon-component.style_3:hover{background:#0897a5;}.boxx-stlye .aio-icon-component.style_3:hover h3{color:#fff;}.boxericon .aio-icon-component.style_1{border:1px solid;padding:25px 15px;min-height:80px;}.master-holder .listboxro h3{font-size:24px;font-weight:bold;margin-bottom:20px;}.master-holder .listboxro2 h3{font-size:25px;font-weight:bold;}.threeclmn .aio-icon-component.style_1{padding:30px;box-shadow:0px 0px 14px #ccc;border-radius:30px;}.threeclmn .align-icon,.threeclmn .aio-icon-header,.threeclmn .aio-icon-description{text-align:left !important;}#text-block-16 h3{font-weight:bold;font-size:22px;}.boxx-stlye .aio-icon-component.style_3 h3{font-weight:bold;}.threeclmn2 .aio-icon-component.style_1{padding:18px;box-shadow:0px 0px 14px #ccc;border-radius:30px;}.threeclmn2 h3{text-transform:capitalize !important;line-height:23px !important;font-size:16px !important;}.liststyleicon ul li{line-height:35px;list-style:none;padding-left:30px;margin:0;}.liststyleicon ul li{padding:0px;margin:0px;}.liststyleicon ul li:before{content:"";height:4px;width:13px;background:#0897a5;display:block;position:relative;left:-25px;top:20px;}.shd-left{box-shadow:0px 3px 30px #ddd;border-top-left-radius:15px;border-bottom-left-radius:15px;}.shd-right{box-shadow:0px 3px 30px #ddd;border-top-right-radius:15px;border-bottom-right-radius:15px;}.shd-left p,.shd-right p{font-size:16px !important;}.dce-post-date{position:absolute;top:-220px;word-wrap:anywhere;text-align:center !important;background:#fff;left:15px;padding:8px 27px !important;border-radius:8px;}.dce-post-date span{display:block;color:#1a97a4;}.brandlogo a{display:inline-block;padding:0 5px 0 0;border-radius:5px;}.brandlogo a img{border-radius:5px;}.bdt-content p{font-size:14px;color:#fff;line-height:20px;margin:0;}.single-news .mk-main-wrapper{max-width:980px;}.layoutblg .bdt-list .bdt-post-block-item{visibility:visible !important;}.postnav-sec .navplus.activenav{background:#fff;}.postnav-sec .navplus.activenav a{color:#5472d2;display:block;padding:17px;width:100%;}.postnav-sec .navplus.activenav:hover{background:#dcdcdc;}.postnav-sec .navplus{background:#ebebeb;}.postnav-sec .navplus a{color:#666;display:block;padding:17px;width:100%;}.postnav-sec .navplus:hover{background:#dcdcdc;}.sl-post{margin-bottom:0px !important;}.elementor-pagination{text-align:center;margin-top:25px;}.g-form-side .gfield_label,.elementor-nav-menu .sub-arrow{display:none !important;}.g-form-side .gform_wrapper .top_label input.medium,.g-form-side #gform_submit_button_10{width:100%;}.cntcont .cnt-add strong{color:#333;}.cnt-add{font-size:16px;}.bdt-gravity-forms #input_2_8 li{display:inline-block;margin-right:15px;}.bdt-gravity-forms #input_2_8 li input{margin-top:0px;}.bdt-gravity-forms textarea{height:70px !important;}.bannerfrm input{height:40px;}.bannerfrm input[type="submit"]{padding:18px 50px;height:auto;}.ctainfo{font-size:25px !important;margin:0;padding:20px 0;font-weight:bold !important;}.iconbackgd .elementor-icon-list-icon{background:#fff;padding:18px;text-align:center;}.upiconstar .bdt-advanced-icon-box-icon{margin-bottom:0px !important;margin-top:-24px;position:relative;top:10px;}textarea,input[type=text],input[type=tel],input[type=email],input[type=url],input[type=password],input[type=search],select{color:#767676;background-color:#fdfdfd;border:1px solid #e3e3e3;outline:none;margin-bottom:4px;}.bdt-gravity-forms input[type="submit"]{background:#0897a5;color:#fff;font-family:"Droid sans";font-weight:700;text-transform:uppercase;letter-spacing:1px;border:0;padding:8px 24px;}.bdt-gravity-forms input[type="submit"]:hover{background:#000 !important;}.one-circle a{color:#fff !important;}.boldfont{font-weight:bold !important;}.leftcontent1 h2{font-size:30px !important;text-transform:uppercase !important;font-weight:bold !important;padding:50px 50px 0px !important;}.leftcontent1 h2:after{content:"";display:block;height:2px;width:100px;background:#ee2e24;margin-top:25px;}.textsecut{padding:25px 50px;}.leftcontent1 .aio-icon-header h3.aio-icon-title{width:70%;margin:10px auto;line-height:27px;color:#fff;}.rightcontent1 .wpb_single_image{margin-bottom:0;}.rightbdr{border-right:1px solid #f9f9f9;}.baselevel1{padding:35px 0 0px;}.baselevel1 .aio-icon-component > a:hover .aio-icon i,.baselevel1 .aio-icon-component > a:hover .aio-icon-header h3{color:#0897a5 !important;}.homeColumn2 h2{padding:15px;}h1.bannerwedge{font-weight:600 !important;}.context1 p{font-size:17pt;}.nwflipfx .ifb-face.ifb-front h3{font-size:80px !important;padding:50px;color:#fff !important;}.nwflipfx .ifb-face.ifb-front{background:#0897a5 !important;}.nwflipfx .ifb-face.ifb-back{color:#fff !important;background:#ee2e24 !important;}.nwflipfx .ifb-face.ifb-back p{color:#fff !important;font-size:18pt !important;line-height:40px !important;}.elementor-blockquote--skin-quotation .elementor-blockquote:before{position:initial;background:none;}.one-circle{width:500px;position:relative;margin:0 auto;}.mid-center{position:absolute;width:190px;height:185px;padding:60px 48px;text-align:center;background:#000;left:0;right:0;top:50%;transform:translateY(-50%);margin:0 auto;color:#fff;border-radius:50%;line-height:22px;font-size:16px;}.top-left,.top-right,.bottom-left,.bottom-right{width:250px;display:table-cell;height:248px;padding:70px;vertical-align:middle;text-align:center;border:.5px solid #fff;font-size:16px;}.top-left{background:#002060;color:#fff;border-radius:235px 0px 0px 0px;}.top-right{background:#027434;color:#fff;border-radius:0px 235px 0px 0px;}.bottom-left{background:#991649;color:#fff;border-radius:0px 0px 0px 235px;}.bottom-right{background:#ffbf00;color:#fff;border-radius:0px 0px 235px 0px;}.top-left:hover,.top-right:hover,.bottom-left:hover,.bottom-right:hover{background:#000;}.triconsection .elementor-widget-image-box:hover .elementor-widget-container .elementor-image-box-description{color:#000;}html{overflow-x:hidden;}.allhead{width:150px;height:150px;background:#ccc;border-radius:50%;padding:30px;text-align:center;vertical-align:middle;display:table-cell;position:absolute;font-size:14px;}.allhead.active{box-shadow:0px 1px 10px #666;}.allhead:hover{background:#f80f0f;}.allhead p{position:relative;font-size:14px;display:table-cell;height:100px;width:100px;vertical-align:middle;color:#fff;padding:0;top:-6px;}.fullbox{width:550px;height:550px;text-align:center;position:relative;}.c-top-area{margin:0 auto;position:absolute;top:0;left:0;right:0;background:#035154;color:#fff;}.c-top-area:after{content:"";height:35px;width:4px;display:block;position:absolute;background:#999;text-align:center;margin:0 auto;bottom:-42px;left:0;right:0;}.c-center-area{margin:0 auto;position:absolute;top:50%;left:0;right:0;-ms-transform:translateY(-50%);transform:translateY(-50%);background:#000;color:#fff;}.c-bottom-area{margin:0 auto;position:absolute;bottom:0;left:0;right:0;background:#00a0af;color:#fff;}.c-bottom-area:after{content:"";height:35px;width:4px;display:block;background:#999;text-align:center;margin:0 auto;top:-42px;position:absolute;left:0;right:0;}.c-left-area{position:absolute;top:50%;left:0;-ms-transform:translateY(-50%);transform:translateY(-50%);background:#999;color:#fff;}.c-left-area:after{content:"";height:4px;width:35px;display:block;background:#999;text-align:center;margin:0 auto;right:-42px;top:50%;position:absolute;-ms-transform:translateY(-50%);transform:translateY(-50%);}.c-right-area{color:#fff;position:absolute;top:50%;right:0;-ms-transform:translateY(-50%);transform:translateY(-50%);background:green;}.c-right-area:after{content:"";height:4px;width:35px;display:block;background:#999;text-align:center;margin:0 auto;top:50%;position:absolute;-ms-transform:translateY(-50%);transform:translateY(-50%);left:-42px;}.contentlevel{display:none;}.contentlevel.active{display:block;}.circle-content{padding:30px;}

Threat Advisory: Apple Zero-Day Vulnerabilities

Sierra Kreutzer

(CVE-2022-32894 and CVE-2022-32893)

Event Summary

Detail

SOD Actions

Additional Resources

RECOMMENDED POSTS

FAA Reporting System Failure Grounding US Flights | DeepSeas Analysis

Cyber Defense News: Bracing for a Potential Russian Winter Offensive in Ukraine and Cyber-attacks Against U.S.

Linux Kernel ksmbd Use-After-Free Vulnerability

SERVICES

ABOUT

SIGN-UP FOR FREE THREAT FLASH ALERTS

FOLLOW US