{"containers": {"cna": {"affected": [{"product": "iOS and iPadOS", "vendor": "Apple", "versions": [{"lessThan": "15.3", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "macOS", "vendor": "Apple", "versions": [{"lessThan": "12.2", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "macOS", "vendor": "Apple", "versions": [{"lessThan": "11.6", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, macOS Big Sur 11.6.3, macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.."}], "problemTypes": [{"descriptions": [{"description": "A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-03-18T17:59:15.000Z", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT213055"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT213053"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT213054"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@apple.com", "ID": "CVE-2022-22587", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.3"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.2"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.6"}]}}]}, "vendor_name": "Apple"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, macOS Big Sur 11.6.3, macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited."}]}]}, "references": {"reference_data": [{"name": "https://support.apple.com/en-us/HT213055", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT213055"}, {"name": "https://support.apple.com/en-us/HT213053", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT213053"}, {"name": "https://support.apple.com/en-us/HT213054", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT213054"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:14:55.818Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT213055"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT213053"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT213054"}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-22587", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-29T16:36:59.508094Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-01-28", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22587"}}}], "references": [{"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22587", "tags": ["government-resource"]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "timeline": [{"time": "2022-01-28T00:00:00.000Z", "lang": "en", "value": "CVE-2022-22587 added to CISA KEV"}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-21T23:15:43.900Z"}}]}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2022-22587", "datePublished": "2022-03-18T17:59:15.000Z", "dateReserved": "2022-01-05T00:00:00.000Z", "dateUpdated": "2025-10-21T23:15:43.900Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT213055", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213053", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213054", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:14:55.818Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-22587", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-29T16:36:59.508094Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-01-28", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22587"}}}], "timeline": [{"lang": "en", "time": "2022-01-28T00:00:00.000Z", "value": "CVE-2022-22587 added to CISA KEV"}], "references": [{"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22587", "tags": ["government-resource"]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-29T16:34:18.339Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "15.3", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "12.2", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "11.6", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/HT213055", "tags": ["x_refsource_MISC"]}, {"url": "https://support.apple.com/en-us/HT213053", "tags": ["x_refsource_MISC"]}, {"url": "https://support.apple.com/en-us/HT213054", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, macOS Big Sur 11.6.3, macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited."}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2022-03-18T17:59:15.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "15.3", "version_affected": "<"}]}, "product_name": "iOS and iPadOS"}, {"version": {"version_data": [{"version_value": "12.2", "version_affected": "<"}]}, "product_name": "macOS"}, {"version": {"version_data": [{"version_value": "11.6", "version_affected": "<"}]}, "product_name": "macOS"}]}, "vendor_name": "Apple"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://support.apple.com/en-us/HT213055", "name": "https://support.apple.com/en-us/HT213055", "refsource": "MISC"}, {"url": "https://support.apple.com/en-us/HT213053", "name": "https://support.apple.com/en-us/HT213053", "refsource": "MISC"}, {"url": "https://support.apple.com/en-us/HT213054", "name": "https://support.apple.com/en-us/HT213054", "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, macOS Big Sur 11.6.3, macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited."}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-22587", "STATE": "PUBLIC", "ASSIGNER": "product-security@apple.com"}}}}, "cveMetadata": {"cveId": "CVE-2022-22587", "state": "PUBLISHED", "dateUpdated": "2025-10-21T23:15:43.900Z", "dateReserved": "2022-01-05T00:00:00.000Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2022-03-18T17:59:15.000Z", "assignerShortName": "apple"}, "dataVersion": "5.1"}

{"cisaActionDue": "2022-02-11", "cisaExploitAdd": "2022-01-28", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Apple Memory Corruption Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB2F6E42-576E-41AE-AA8A-606A3FF1A649", "versionEndExcluding": "15.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "D6465081-3081-4B3E-8DAD-A0E671DEF329", "versionEndExcluding": "15.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "6846D174-7E4E-4ADC-BEEB-71BD3C15EBFC", "versionEndExcluding": "11.6.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8DD9232-638D-4A8C-8D11-02F4059A06F6", "versionEndExcluding": "12.2", "versionStartIncluding": "12.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, macOS Big Sur 11.6.3, macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.."}, {"lang": "es", "value": "Se abord\u00f3 un problema de corrupci\u00f3n de memoria con una comprobaci\u00f3n de entradas mejorada. Este problema es corregido en iOS versi\u00f3n 15.3 y iPadOS versi\u00f3n 15.3, macOS Big Sur versi\u00f3n 11.6.3, macOS Monterey versi\u00f3n 12.2. Una aplicaci\u00f3n maliciosa puede ser capaz de ejecutar c\u00f3digo arbitrario con privilegios del kernel. Apple est\u00e1 al tanto de un informe de que este problema puede haber sido explotado activamente"}], "id": "CVE-2022-22587", "lastModified": "2025-10-23T14:54:24.753", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2022-03-18T18:15:12.480", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213053"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213054"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213055"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213053"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213054"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213055"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22587"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{}