Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Another high severity security flaw has hit iOS and macOS devices - so update now

An abstract image of digital security.

A high-severity flaw found in different Mac devices has been observed being abused in the wild, with users advised to apply the patch, which has been available for some time now, as soon as possible. 

The warning was shared by the U.S. Cybersecurity and Infrastructure Agency (CISA) as it added the flaw to its list of Known Exploited Vulnerabilities (KEV), meaning it spotted hackers using it.

The flaw in question is tracked as CVE-2022-48618, and carries a severity score of 7.8. It is described as a bug in the kernel component, affecting iOS, iPadOS, macOS, tvOS, and watchOS devices.

Danger to the government

"An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication," Apple explained the bug in its security advisory. The problem "may have been exploited against versions of iOS released before iOS 15.7.1."

As is almost common practice with these vulnerabilities, Apple fixed it with improved checks. At the moment, we don’t know who the threat actors are, or how they weaponized the vulnerability. It is also unknown if the flaw was used to exfiltrate data, deploy malware, or even ransomware

“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” CISA explained, sounding the alarm for government firms who are popular targets among cybercriminals. 

According to The Hacker News, Apple fixed this flaw a long time ago - on December 13, 2022, back when it pushed iOS 16.2, iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, and watchOS 9.2. However, it only notified the public in early January this year. The same publication also said that Apple already fixed a similar issue, back in July 2022 - CVE-2022-32844 (CVSS score 6.3).

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.