Search for vulnerabilities
Vulnerability details: VCID-tkht-1fer-aaab
Vulnerability ID VCID-tkht-1fer-aaab
Aliases CVE-2022-32792
Summary An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-787 Out-of-bounds Write
System Score Found at
cvssv3 8.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32792.json
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.0025 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00257 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00257 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00257 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00272 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00297 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00316 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00316 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00316 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00316 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00316 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00316 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00316 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00316 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00316 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00316 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00316 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00316 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
epss 0.00584 https://api.first.org/data/v1/epss?cve=CVE-2022-32792
cvssv3.1 8.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32792
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-32792
archlinux Critical https://security.archlinux.org/AVG-2789
archlinux Critical https://security.archlinux.org/AVG-2790
archlinux Critical https://security.archlinux.org/AVG-2791
cvssv3.1 8.8 https://support.apple.com/en-us/HT213340
ssvc Track https://support.apple.com/en-us/HT213340
cvssv3.1 8.8 https://support.apple.com/en-us/HT213341
ssvc Track https://support.apple.com/en-us/HT213341
cvssv3.1 8.8 https://support.apple.com/en-us/HT213342
ssvc Track https://support.apple.com/en-us/HT213342
cvssv3.1 8.8 https://support.apple.com/en-us/HT213345
ssvc Track https://support.apple.com/en-us/HT213345
cvssv3.1 8.8 https://support.apple.com/en-us/HT213346
ssvc Track https://support.apple.com/en-us/HT213346
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32792.json
https://api.first.org/data/v1/epss?cve=CVE-2022-32792
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32792
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32816
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32891
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://support.apple.com/en-us/HT213340
https://support.apple.com/en-us/HT213341
https://support.apple.com/en-us/HT213342
https://support.apple.com/en-us/HT213345
https://support.apple.com/en-us/HT213346
2238973 https://bugzilla.redhat.com/show_bug.cgi?id=2238973
AVG-2789 https://security.archlinux.org/AVG-2789
AVG-2790 https://security.archlinux.org/AVG-2790
AVG-2791 https://security.archlinux.org/AVG-2791
cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
CVE-2022-32792 https://nvd.nist.gov/vuln/detail/CVE-2022-32792
RHSA-2022:7704 https://access.redhat.com/errata/RHSA-2022:7704
RHSA-2022:8054 https://access.redhat.com/errata/RHSA-2022:8054
USN-5568-1 https://usn.ubuntu.com/5568-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32792.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-32792
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-32792
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213340
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-22T19:40:52Z/ Found at https://support.apple.com/en-us/HT213340
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213341
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-22T19:40:52Z/ Found at https://support.apple.com/en-us/HT213341
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213342
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-22T19:40:52Z/ Found at https://support.apple.com/en-us/HT213342
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213345
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-22T19:40:52Z/ Found at https://support.apple.com/en-us/HT213345
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213346
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-22T19:40:52Z/ Found at https://support.apple.com/en-us/HT213346
Exploit Prediction Scoring System (EPSS)
Percentile 0.45582
EPSS Score 0.0025
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.