{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-32911","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","assignerShortName":"apple","dateUpdated":"2025-05-29T14:10:58.854Z","dateReserved":"2022-06-09T00:00:00.000Z","datePublished":"2022-09-20T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2022-10-30T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to execute arbitrary code with kernel privileges."}],"affected":[{"vendor":"Apple","product":"iOS","versions":[{"version":"unspecified","lessThan":"16","status":"affected","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","lessThan":"11.7","status":"affected","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","lessThan":"15.7","status":"affected","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","lessThan":"12.6","status":"affected","versionType":"custom"}]}],"references":[{"url":"https://support.apple.com/en-us/HT213446"},{"url":"https://support.apple.com/en-us/HT213443"},{"url":"https://support.apple.com/en-us/HT213445"},{"url":"https://support.apple.com/en-us/HT213444"},{"url":"https://support.apple.com/kb/HT213488"},{"url":"https://support.apple.com/kb/HT213486"},{"url":"https://support.apple.com/kb/HT213487"},{"name":"20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13","tags":["mailing-list"],"url":"http://seclists.org/fulldisclosure/2022/Oct/41"},{"name":"20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13","tags":["mailing-list"],"url":"http://seclists.org/fulldisclosure/2022/Oct/28"},{"name":"20221030 APPLE-SA-2022-10-27-3 Additional information for APPLE-SA-2022-09-12-1 iOS 16","tags":["mailing-list"],"url":"http://seclists.org/fulldisclosure/2022/Oct/39"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"An app may be able to execute arbitrary code with kernel privileges"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T07:54:02.882Z"},"title":"CVE Program Container","references":[{"url":"https://support.apple.com/en-us/HT213446","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213443","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213445","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213444","tags":["x_transferred"]},{"url":"https://support.apple.com/kb/HT213488","tags":["x_transferred"]},{"url":"https://support.apple.com/kb/HT213486","tags":["x_transferred"]},{"url":"https://support.apple.com/kb/HT213487","tags":["x_transferred"]},{"name":"20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13","tags":["mailing-list","x_transferred"],"url":"http://seclists.org/fulldisclosure/2022/Oct/41"},{"name":"20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13","tags":["mailing-list","x_transferred"],"url":"http://seclists.org/fulldisclosure/2022/Oct/28"},{"name":"20221030 APPLE-SA-2022-10-27-3 Additional information for APPLE-SA-2022-09-12-1 iOS 16","tags":["mailing-list","x_transferred"],"url":"http://seclists.org/fulldisclosure/2022/Oct/39"}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-787","lang":"en","description":"CWE-787 Out-of-bounds Write"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.8,"attackVector":"LOCAL","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-05-29T14:10:40.227511Z","id":"CVE-2022-32911","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-05-29T14:10:58.854Z"}}]}}