← ExploitWatch
HomeExploited Vulnerabilities

CVE-2022-48618 — Actively Exploited: Multiple Products (Apple)

Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a time-of-check/time-of-use (TOCTOU) memory corruption vulnerability that allows an attacker with read and write capabilities to bypass Pointer Authentication.

CVE IDCVE-2022-48618
VendorApple
ProductMultiple Products
Vulnerability nameApple Multiple Products Memory Corruption Vulnerability
Date added2024-01-31
Remediation due2024-02-21
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionApple iOS, iPadOS, macOS, tvOS, and watchOS contain a time-of-check/time-of-use (TOCTOU) memory corruption vulnerability that allows an attacker with read and write capabilities to bypass Pointer Authentication.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →