CISA Warns of Active Exploitation of Critical Flaws in Apple iOS and macOS

01-Feb-24

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and watchOS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.


The vulnerability, tracked as CVE-2022-48618 (CVSS score: 7.8), concerns a bug in the kernel component.


“An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication,” Apple said in an advisory, adding the issue “may have been exploited against versions of iOS released before iOS 15.7.1.”


In light of the active exploitation of CVE-2022-48618, CISA is recommending that Federal Civilian Executive Branch (FCEB) agencies apply the fixes by February 21, 2024.

Read more: CISA Warns of Active Exploitation of Critical Flaws in Apple iOS and macOS (thehackernews.com)