CVE-2022-46694
published 2022-12-15CVE-2022-46694: An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS…
PriorityP180high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
0.35%
27.1th percentile
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2, watchOS 9.2. Parsing a maliciously crafted video file may lead to kernel code execution.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_15.7.2_and_ipados | — | — |
| apple | ios_16.2_and_ipados | — | — |
| apple | ipados | < 15.7.2 | 15.7.2 |
| apple | ipados | >= 16.0 < 16.2 | 16.2 |
| apple | iphone_os | < 15.7.2 | 15.7.2 |
| apple | iphone_os | >= 16.0 < 16.2 | 16.2 |
| apple | tvos | < 16.2 | 16.2 |
| apple | tvos | >= unspecified < 16.2 | 16.2 |
| apple | tvos | >= unspecified < 15.7 | 15.7 |
| apple | tvos16.2 | — | — |
| apple | watchos | < 9.2 | 9.2 |
| apple | watchos | — | — |
| apple | watchos | >= unspecified < 9.2 | 9.2 |
Detection & IOCsextracted from sources · hover to see the quote
- →The vulnerable component is AppleAVD; monitor for suspicious or maliciously crafted video file parsing activity targeting this kernel-level driver on Apple platforms. ↗
- →The vulnerability is an out-of-bounds write triggered during video file parsing in the AppleAVD component; look for unexpected kernel crashes, panics, or privilege escalation events following video file processing on iOS, iPadOS, tvOS, or watchOS devices. ↗
- ·The vulnerability resides in the AppleAVD kernel component, meaning exploitation occurs at the kernel level during video parsing — detection via userland logging alone may be insufficient; kernel telemetry or EDR with kernel visibility is required. ↗
- ·Affected platforms span iOS, iPadOS, tvOS, and watchOS — detection and patching scope must cover all four Apple OS families, not just iOS/iPadOS. ↗
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vulncheck7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Apple
CVE-2022-46694: tvOS16.2
vendor_apple·2022-12-13·CVSS 7.8
CVE-2022-46694 [HIGH] CVE-2022-46694: tvOS16.2
Apple Security Update: About the security content of tvOS16.2
Product: tvOS16.2
CVE: CVE-2022-46694
Component: AppleAVD
Impact: Parsing a maliciously crafted video file may lead to kernel code execution
Description: An out-of-bounds write issue was addressed with improved input validation.
Apple
CVE-2022-46694: iOS 15.7.2 and iPadOS 15.7.2
vendor_apple·2022-12-13·CVSS 7.8
CVE-2022-46694 [HIGH] CVE-2022-46694: iOS 15.7.2 and iPadOS 15.7.2
Apple Security Update: About the security content of iOS 15.7.2 and iPadOS 15.7.2
Product: iOS 15.7.2 and iPadOS
Version: 15.7.2
CVE: CVE-2022-46694
Component: AppleAVD
Impact: Parsing a maliciously crafted video file may lead to kernel code execution
Description: An out-of-bounds write issue was addressed with improved input validation.
Apple
CVE-2022-46694: iOS 16.2 and iPadOS 16.2
vendor_apple·2022-12-13·CVSS 7.8
CVE-2022-46694 [HIGH] CVE-2022-46694: iOS 16.2 and iPadOS 16.2
Apple Security Update: About the security content of iOS 16.2 and iPadOS 16.2
Product: iOS 16.2 and iPadOS
Version: 16.2
CVE: CVE-2022-46694
Component: AppleAVD
Impact: Parsing a maliciously crafted video file may lead to kernel code execution
Description: An out-of-bounds write issue was addressed with improved input validation.
Apple
CVE-2022-46694: watchOS 9.2
vendor_apple·2022-12-13·CVSS 7.8
CVE-2022-46694 [HIGH] CVE-2022-46694: watchOS 9.2
Apple Security Update: About the security content of watchOS 9.2
Product: watchOS
Version: 9.2
CVE: CVE-2022-46694
Component: AppleAVD
Impact: Parsing a maliciously crafted video file may lead to kernel code execution
Description: An out-of-bounds write issue was addressed with improved input validation.
GHSA
GHSA-m6vx-pgv7-3f4w: An out-of-bounds write issue was addressed with improved input validation
ghsa_unreviewed·2022-12-15
CVE-2022-46694 [HIGH] CWE-787 GHSA-m6vx-pgv7-3f4w: An out-of-bounds write issue was addressed with improved input validation
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2, watchOS 9.2. Parsing a maliciously crafted video file may lead to kernel code execution.
VulnCheck
Apple ipados Out-of-bounds Write
vulncheck·2022·CVSS 7.8
CVE-2022-46694 [HIGH] Apple ipados Out-of-bounds Write
Apple ipados Out-of-bounds Write
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2, watchOS 9.2. Parsing a maliciously crafted video file may lead to kernel code execution.
Affected: Apple ipados
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://support.apple.com/kb/HT213531
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://seclists.org/fulldisclosure/2022/Dec/20http://seclists.org/fulldisclosure/2022/Dec/21http://seclists.org/fulldisclosure/2022/Dec/26http://seclists.org/fulldisclosure/2022/Dec/27https://support.apple.com/en-us/HT213530https://support.apple.com/en-us/HT213531https://support.apple.com/en-us/HT213535https://support.apple.com/en-us/HT213536http://seclists.org/fulldisclosure/2022/Dec/20http://seclists.org/fulldisclosure/2022/Dec/21http://seclists.org/fulldisclosure/2022/Dec/26http://seclists.org/fulldisclosure/2022/Dec/27https://support.apple.com/en-us/HT213530https://support.apple.com/en-us/HT213531https://support.apple.com/en-us/HT213535https://support.apple.com/en-us/HT213536
2022-12-15
Published
Exploited in the wild