November Vuln of the Month: CVE-2022-32893
November’s Vuln of the Month spotlights our first-ever Apple platform vulnerability—one that may pose serious risks to organizations that haven’t directed users to update their iOS and macOS versions. It’s under active attack, so this one is worth a look.
CVE-2022-32893 is an out-of-bounds write vulnerability in WebKit, the web browser engine used by Safari and by other iOS and macOS apps that render web content. By crafting malicious web content, attackers can remotely execute arbitrary code on a device that renders it.
Our research shows that CVE-2022-32893 meets many of the criteria we look for in a vulnerability that could be exploited, including:
- Access complexity: Low
- Potential attack surface: Massive
- Exploitable remotely: Yes
- Authentication/privilege requirements: None
- Potential impact on availability: Complete
- Exploit code published: No
- Active exploits observed: Yes
CVE-2022-32893 earns a Kenna Risk Score of 93, which means it represents a greater risk than 99% of all the CVEs we’ve scored. CVSS 3 also recognizes the risk, assigning a base score of 8.8 (High). So make no mistake: this is a high-risk vuln.
Why CVE-2022-32893 matters
Apple has 1.8 billion active devices today—essentially an Apple device for one out of every four people on the planet. (That’s more than all Windows 10 and Windows 11 devices combined.) This makes the potential attack surface for this remote code execution vuln very broad indeed. In addition, many Apple devices fall into the BYOD camp, so IT and security staffs will need to work hard to impress upon users the need to install the updates that close this vuln.
Bottom line
For organizations whose employees use Apple devices to access corporate networks, apps and data, prompt mitigation should be a priority. Attackers have already exploited this vuln, and the fact that so many Apple devices are BYOD assets makes effective remediation more challenging than if corporate-owned Windows PCs were the target.
Mitigation status
Apple addressed this vulnerability in updates to its various current operating systems: iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, and Safari 15.6.1. Administrators who don’t have direct control over Apple assets should encourage users to update their Apple devices ASAP.
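For administrators who can at least inventory the Apple devices touching their environment, a quick way to turn the fixed versions above into a pass/fail check is a small script that compares an installed version string against the fix release. The following POSIX sh script is an added example written for this post; it is not code from Kenna Security or from Apple. It hard-codes only the fix versions named above (macOS Monterey 12.5.1, Safari 15.6.1, iOS/iPadOS 15.6.1); because the post names no fix for macOS releases older than Monterey, the script reports those as outside the check's scope rather than guessing. When run on a Mac it reads the live macOS and Safari versions with `sw_vers` and `PlistBuddy`; on any other system those commands are absent and only the comparison functions are available for use with an inventory export.

```shell
#!/bin/sh
# Added example, not from the Kenna post or from Apple: compare an installed
# macOS / Safari / iOS version against the releases the post lists as fixing
# CVE-2022-32893. Fix versions below are the ones the post names.

# version_ge A B: return 0 when dotted version A >= B, 1 otherwise.
# Missing trailing components count as 0, so 12.5 < 12.5.1 and 12.5.1.0 == 12.5.1.
version_ge() {
    _a="$1"; _b="$2"
    while [ -n "$_a" ] || [ -n "$_b" ]; do
        _x=${_a%%.*}; _y=${_b%%.*}
        if [ -z "$_x" ]; then _x=0; fi
        if [ -z "$_y" ]; then _y=0; fi
        if [ "$_x" -gt "$_y" ]; then return 0; fi
        if [ "$_x" -lt "$_y" ]; then return 1; fi
        case "$_a" in *.*) _a=${_a#*.} ;; *) _a="" ;; esac
        case "$_b" in *.*) _b=${_b#*.} ;; *) _b="" ;; esac
    done
    return 0
}

# check_product NAME INSTALLED: print a one-line verdict.
# Exit 0 = at or above the fix version, 1 = needs update, 2 = cannot judge
# (unknown product, unparsable version, or a macOS branch the post does not list).
check_product() {
    case "$1" in
        macos)      _fixed="12.5.1" ;;   # macOS Monterey 12.5.1
        safari)     _fixed="15.6.1" ;;   # Safari 15.6.1
        ios|ipados) _fixed="15.6.1" ;;   # iOS / iPadOS 15.6.1
        *) printf 'unknown product: %s\n' "$1"; return 2 ;;
    esac
    # Keep the first run of digits and dots, so "Version 16.0 (18614...)" -> "16.0".
    _inst=$(printf '%s\n' "$2" | sed -n 's/^[^0-9]*\([0-9][0-9.]*\).*$/\1/p')
    if [ -z "$_inst" ]; then
        printf '%s: could not parse version "%s"\n' "$1" "$2"; return 2
    fi
    if [ "$1" = macos ] && [ "${_inst%%.*}" -lt 12 ]; then
        printf 'macos %s: pre-Monterey release, not covered by the listed fixes; assess separately\n' "$_inst"
        return 2
    fi
    if version_ge "$_inst" "$_fixed"; then
        printf '%s %s: patched (fix shipped in %s)\n' "$1" "$_inst" "$_fixed"
        return 0
    fi
    printf '%s %s: VULNERABLE to CVE-2022-32893, update to %s or later\n' "$1" "$_inst" "$_fixed"
    return 1
}

# On a Mac, check the live host; elsewhere these commands are absent and the
# live checks are skipped. _rc keeps the last non-zero verdict for the caller.
_rc=0
if command -v sw_vers >/dev/null 2>&1; then
    check_product macos "$(sw_vers -productVersion)" || _rc=$?
fi
_plist=/Applications/Safari.app/Contents/Info.plist
if [ -r "$_plist" ] && [ -x /usr/libexec/PlistBuddy ]; then
    check_product safari "$(/usr/libexec/PlistBuddy -c 'Print CFBundleShortVersionString' "$_plist")" || _rc=$?
fi
```

For devices you cannot log into, feed the same `check_product` function the version strings exported by your MDM or asset inventory (for example `check_product ios 15.6`), and treat exit status 2 as "needs a human look" rather than as a pass.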
Watch this space for regular Vuln of the Month spotlights, which appear on the second Tuesday of each month. Meanwhile, if you find yourself chasing new and emerging vulns but never quite catching up, learn more about how Kenna Security can help you focus on your highest-risk vulnerabilities, rather than headlines, thanks in part to our vulnerability intelligence powered by machine learning.