CVE-2022-22610

CVE Database · CVE-2022-22610

CVE-2022-22610

· HIGHModified

CVSS v3.1

8.8

EPSS

0.97%

Published

Sep 23, 2022

Modified

May 22, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to code execution.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-787CWE-787

Affected Products (6)

apple · safari (up to 15.4)vulnerable

apple · ipad_os (up to 15.4)vulnerable

apple · iphone_os (up to 15.4)vulnerable

apple · macos (up to 12.3)vulnerable

apple · tvos (up to 15.4)vulnerable

apple · watchos (up to 8.5)vulnerable

References (10)

https://support.apple.com/en-us/HT213182

Vendor Advisory

https://support.apple.com/en-us/HT213183

Vendor Advisory

https://support.apple.com/en-us/HT213186

Vendor Advisory

https://support.apple.com/en-us/HT213187

Vendor Advisory

https://support.apple.com/en-us/HT213193

Vendor Advisory

https://support.apple.com/en-us/HT213182

Vendor Advisory

https://support.apple.com/en-us/HT213183

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs