CVE-2022-32832

Vulnerability

A memory corruption issue exists in the Apple File System (APFS) component of Apple operating systems. An app with root privileges can exploit this vulnerability to execute arbitrary code with kernel privileges. Affected versions include iOS and iPadOS prior to 15.6, macOS Big Sur prior to 11.6.8, watchOS prior to 8.7, tvOS prior to 15.6, macOS Monterey prior to 12.5, and macOS Catalina prior to Security Update 2022-005 [1][2][3][4].

Exploitation

An attacker must first gain root privileges on the device, for example through another vulnerability or by having physical access. Once root access is obtained, the attacker can leverage the memory corruption in APFS to execute arbitrary code in the kernel context. No user interaction beyond the initial compromise is required [1][2][3][4].

Impact

Successful exploitation allows an attacker to execute arbitrary code with kernel privileges, leading to full compromise of the device. This includes the ability to read and modify any data, install malware, and potentially bypass security mechanisms [1][2][3][4].

Mitigation

Apple has addressed the vulnerability in the following releases: iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, and Security Update 2022-005 for Catalina. These updates were released on July 20, 2022. Users should update their devices to the latest available versions. No workarounds are available [1][2][3][4].