CISA Issues Warning on Actively Exploited Vulnerability in Apple iOS and macOS

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has raised an alert regarding a high-severity vulnerability affecting iOS, iPadOS, macOS, tvOS, and watchOS. This flaw, identified as CVE-2022-48618 with a CVSS score of 7.8, specifically targets the kernel component and has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation.

According to Apple’s advisory, the vulnerability allows an attacker with arbitrary read and write capabilities to potentially bypass Pointer Authentication. The issue may have been exploited in versions of iOS released before iOS 15.7.1. Apple addressed the problem with enhanced checks, although the specific details of how the vulnerability is being leveraged in real-world attacks remain unknown.

Despite patches being released on December 13, 2022, accompanying iOS 16.2, iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, and watchOS 9.2, the disclosure of the vulnerability only occurred more than a year later on January 9, 2024. Notably, Apple had previously resolved a similar kernel flaw (CVE-2022-32844, CVSS score: 6.3) in iOS 15.6 and iPadOS 15.6 on July 20, 2022. The relationship between the two vulnerabilities remains unclear.

CISA is urging Federal Civilian Executive Branch (FCEB) agencies to apply the provided fixes by February 21, 2024, in response to the observed active exploitation of CVE-2022-48618. This advisory emphasizes the urgency of addressing the vulnerability to mitigate potential risks.

Simultaneously, Apple has expanded its efforts to address security concerns by extending patches for an actively exploited flaw in the WebKit browser engine (CVE-2024-23222, CVSS score: 8.8) to include the Apple Vision Pro headset. The fix is available in visionOS 1.0.2, showcasing the company’s commitment to fortifying its ecosystem against emerging cyber threats.

To mitigate the risks associated with the exploited Apple iOS and macOS vulnerability, users are strongly advised to promptly update their devices with the latest software patches provided by Apple. Regularly checking for software updates, exercising caution with downloads and email attachments, and being mindful of security advisories can contribute significantly to maintaining a secure Apple ecosystem.