- 38/2024
- High
Apple has released a security update to address a vulnerability across Macs running macOS Ventura.
The addressed vulnerability could allow the local authenticated attacker with arbitrary read and write capability to bypass the pointer authentication security feature designed to block attacks trying to exploit memory corruption bugs and gain access to the affected systems by sending a specially crafted request.
Apple macOS Ventura Security Bypass Vulnerability (CVE-2022-48618):
- CVSS: 7.8
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Consequences: Gain Access
It should be highlighted that Apple is aware of the vulnerability “CVE-2022-48618” in the kernel component that has been actively exploited in the wild.
Vulnerabilities
CVE-2022-48618
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.