Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

CISA Alerts on iOS Vulnerability

February 1, 2024
Reading Time: 3 mins read
in Alerts

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified a significant security threat, adding a high-severity flaw to its Known Exploited Vulnerabilities catalog. This flaw affects multiple Apple platforms, including iOS, iPadOS, macOS, tvOS, and watchOS, and is tracked as CVE-2022-48618 with a CVSS score of 7.8. The vulnerability resides in the kernel component, enabling attackers with arbitrary read and write capability to potentially bypass Pointer Authentication. Apple acknowledged the issue in an advisory, stating that it might have been exploited in versions of iOS released before iOS 15.7.1. Despite patches being released on December 13, 2022, the public disclosure only occurred more than a year later, on January 9, 2024.

Apple’s response to the CVE-2022-48618 vulnerability involved implementing improved checks to address the problem. However, the exact methods of exploitation in real-world attacks remain unknown. Intriguingly, the patches were made available with the release of iOS 16.2, iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, and watchOS 9.2, marking a proactive approach by Apple to address the issue. Notably, Apple had previously addressed a similar kernel flaw (CVE-2022-32844, CVSS score: 6.3) in iOS 15.6 and iPadOS 15.6 on July 20, 2022, by enhancing state management related to arbitrary kernel read and write capabilities. Despite this, the delay in public disclosure of the recent vulnerability raises questions about the timeline and communication surrounding critical security issues.

In response to the active exploitation of CVE-2022-48618, CISA has urged Federal Civilian Executive Branch (FCEB) agencies to apply the provided fixes by February 21, 2024. The urgency emphasizes the severity of the threat and the need for swift action to secure systems and data. This development coincides with Apple’s efforts to address another exploited security flaw in the WebKit browser engine (CVE-2024-23222, CVSS score: 8.8). The company expanded patches for this vulnerability, extending coverage to include its Apple Vision Pro headset and providing the fix in visionOS 1.0.2. These collective efforts underscore the ongoing challenges in maintaining digital security in the face of evolving threats and the importance of timely mitigation strategies.

Reference:
  • CISA Adds One Known Exploited Vulnerability to Catalog
Tags: AppleCISACyber AlertCyber Alerts 2024Cyber RiskCyber threatFebruary 2024iOSiPadOSMacOStvOSVulnerabilitieswatchOS
ADVERTISEMENT

Related Posts

Glibc Flaw Gives Linux Root Access Risk

Mozilla Urgent Firefox Patch Fixes RCE Flaws

May 19, 2025
Fileless Remcos RAT Delivery Via LNK Files

ModiLoader Malware Targets Windows Users

May 19, 2025
Glibc Flaw Gives Linux Root Access Risk

Glibc Flaw Gives Linux Root Access Risk

May 19, 2025
Fileless Remcos RAT Delivery Via LNK Files

APT28 RoundPress Webmail Hack Steals Emails

May 16, 2025
Fileless Remcos RAT Delivery Via LNK Files

FBI Warns of AI Voice Phishing Scams

May 16, 2025
Fileless Remcos RAT Delivery Via LNK Files

Fileless Remcos RAT Delivery Via LNK Files

May 16, 2025

Latest Alerts

Mozilla Urgent Firefox Patch Fixes RCE Flaws

ModiLoader Malware Targets Windows Users

Glibc Flaw Gives Linux Root Access Risk

Fileless Remcos RAT Delivery Via LNK Files

FBI Warns of AI Voice Phishing Scams

APT28 RoundPress Webmail Hack Steals Emails

Subscribe to our newsletter

    Latest Incidents

    Massive DDoS Hits Poland’s Civic Platform

    Arla Plant Cyberattack Halts Operations

    Georgia’s Harbin Clinic Hit by Data Breach

    Hackers Target Swiss Reserve Power Plant

    Coinbase Insider Attack Exposed User Data

    Cyberattack Hits J Batista Group

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial