← Back to CVEs

CVE-2022-42827

HIGHCISA KEV

7.8

Description

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..

CVE Details

CVSS v3.1 Score7.8

SeverityHIGH

CVSS VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack VectorLOCAL

ComplexityLOW

Privileges RequiredNONE

User InteractionREQUIRED

Published11/1/2022

Last Modified10/23/2025

Sourcekev

Honeypot Sightings0

CISA KEV

VendorApple

ProductiOS and iPadOS

Vulnerability NameApple iOS and iPadOS Out-of-Bounds Write Vulnerability

KEV Date Added2022-10-25

Remediation Due Date2022-11-15

Ransomware UseUnknown

Affected Products

apple:ipadosapple:iphone_os

Weaknesses (CWE)

CWE-787CWE-787

References

https://support.apple.com/en-us/HT213489(product-security@apple.com)

https://support.apple.com/en-us/HT213490(product-security@apple.com)

https://support.apple.com/en-us/HT213489(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/en-us/HT213490(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-42827(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.