CVE-2022-32854
First published: Mon Sep 12 2022(Updated: )
Contacts. This issue was addressed with improved checks.
Credit: Holger Fuhrmannek Deutsche Telekom SecurityHolger Fuhrmannek Deutsche Telekom SecurityHolger Fuhrmannek Deutsche Telekom SecurityHolger Fuhrmannek Deutsche Telekom Security product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS Big Sur | <11.7 | 11.7 |
| <15.7 | 15.7 | |
| <15.7 | 15.7 | |
| Apple iOS | <16 | 16 |
| Apple watchOS | <9 | 9 |
| Apple iPadOS | <15.7 | |
| Apple iPhone OS | <15.7 | |
| Apple macOS | >=11.0.0<11.7 | |
| Apple watchOS | <9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://seclists.org/fulldisclosure/2022/Oct/39
- http://seclists.org/fulldisclosure/2022/Oct/40
- http://seclists.org/fulldisclosure/2022/Oct/45
- http://seclists.org/fulldisclosure/2022/Oct/49
- https://support.apple.com/en-us/HT213443 (Advisory)
- https://support.apple.com/en-us/HT213445 (Advisory)
- https://support.apple.com/en-us/HT213446 (Advisory)
- https://support.apple.com/kb/HT213486
- https://support.apple.com/kb/HT213445
- https://support.apple.com/kb/HT213443
- https://support.apple.com/en-us/HT213486 (Advisory)
- https://support.apple.com/kb/HT213446
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2022-42789
- CVE-2022-32904
- CVE-2022-32902
- CVE-2022-42819
- CVE-2022-32854
- CVE-2022-32877
- CVE-2022-1622
- CVE-2022-32913
- CVE-2022-32896
- CVE-2022-46701
- CVE-2022-32914
- CVE-2022-32866
- CVE-2022-32911
- CVE-2022-32924
- CVE-2022-32864
- CVE-2022-32894
- CVE-2022-32917
- CVE-2022-32883
- CVE-2022-32908
- CVE-2021-39537
- CVE-2022-32900
- CVE-2022-32881
- CVE-2022-42793
- CVE-2022-42790
- CVE-2022-32934
- CVE-2022-1720
- CVE-2022-2000
- CVE-2022-2042
- CVE-2022-2124
- CVE-2022-2125
- CVE-2022-2126
- CVE-2022-32875
- CVE-2022-32888
- CVE-2022-42795
- CVE-2022-32907
- CVE-2022-32858
- CVE-2022-32898
- CVE-2022-32899
- CVE-2022-32889
- CVE-2022-32928
- CVE-2022-32903
- CVE-2022-32879
- CVE-2022-32870
- CVE-2021-36690
- CVE-2022-32835
- CVE-2022-32886
- CVE-2022-32912
- CVE-2022-32891
- CVE-2022-32893
- CVE-2022-46709
- CVE-2022-32925
- CVE-2022-32827
- CVE-2022-32909
- CVE-2022-32867
- CVE-2022-32865
- CVE-2022-22643
- CVE-2022-32793
- CVE-2022-26744
- CVE-2022-32887
- CVE-2022-32916
- CVE-2022-32918
- CVE-2022-32795
- CVE-2022-32868
- CVE-2022-32872
- CVE-2022-32871
- CVE-2022-42791
- CVE-2022-32859
- CVE-2022-32833
- CVE-2022-32892
- CVE-2022-42796
- CVE-2022-32929
Frequently Asked Questions
What is CVE-2022-32854?
CVE-2022-32854 is a vulnerability in the Contacts feature of Apple iOS, iPadOS, watchOS, and macOS Big Sur.
How does CVE-2022-32854 impact my device?
CVE-2022-32854 allows an attacker to execute arbitrary code with kernel privileges on a targeted device.
Which versions of Apple software are affected by CVE-2022-32854?
Apple iOS up to version 16, Apple iPadOS up to version 15.7, Apple watchOS up to version 9, and Apple macOS Big Sur up to version 11.7 are affected.
How can I fix CVE-2022-32854?
To fix CVE-2022-32854, update your Apple device to the latest available version of the affected software.
Where can I find more information about CVE-2022-32854?
You can find more information about CVE-2022-32854 on the official Apple support website.
- agent/first-publish-date
- agent/type
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/author
- agent/severity
- agent/event
- collector/apple-support
- source/Apple
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/references
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple ipados
- canonical/apple iphone os
- canonical/apple macos
- version/apple macos/11.0.0
- canonical/apple watchos
- canonical/apple macos big sur
- canonical/apple ios