cbcvebase.
CVE-2022-42864
published 2022-12-15

CVE-2022-42864: A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2…

PriorityP182high7CVSS 3.1
AVLACHPRNUIRSUCHIHAH
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
0.86%
53.8th percentile
A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.

Affected

22 ranges
VendorProductVersion rangeFixed in
appleios_15.7.2_and_ipados
appleios_16.2_and_ipados
appleipados< 15.7.215.7.2
appleipados>= 16.0 < 16.216.2
appleiphone_os< 15.7.215.7.2
appleiphone_os>= 16.0 < 16.216.2
applemacos< 11.7.211.7.2
applemacos
applemacos>= 12.0 < 12.6.212.6.2
applemacos>= unspecified < 11.711.7
applemacos_big_sur
applemacos_monterey
applemacos_ventura
appletvos< 16.216.2
appletvos>= unspecified < 16.216.2
appletvos>= unspecified < 13.113.1
appletvos>= unspecified < 12.612.6
appletvos>= unspecified < 15.715.7
appletvos16.2
applewatchos< 9.29.2
applewatchos
applewatchos>= unspecified < 9.29.2

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerable component is IOHIDFamily kernel extension; monitor for unexpected process interactions with IOHIDFamily that could indicate race condition exploitation leading to kernel-level code execution.
  • ·Vulnerability affects multiple Apple platforms; patched versions are tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2, iPadOS 15.7.2, iOS 16.2, iPadOS 16.2, and watchOS 9.2. Devices running older versions remain vulnerable.

CVSS provenance

nvdv3.17.0HIGHCVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
vulncheck7.0HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.