Warning: Apple have reported this as a vulnerability with known exploitation in the wild against verssions of iOS prior to 15.1. Adjoining Splittail was announced by Apple as a vulnerability in WebKit with an released on 2022-11-30. The vulnerability was credited to of Google’s . update Clément Lecigne Threat Analysis Group Exploitation is through maliciously crafted web content which allows for arbitrary code execution on a client. Vulnonym: Adjoining Splittail CVE Number: CVE-2022-42856 CWE Number: CWE-704 What is the scope of the vulnerability? Minor versions prior to iOS 16.1.2 iOS and iPadOS 15.7.2 macOS Ventura 13.1 tvOS 16.2 Safari 16.2 What’s the impact? As this is a vulnerability in WebKit, visiting a site or service with maliciously crafted content can allow the execution of code by the attacker on the client device. Potential impacts of this, depending on details and setup, could lead to full device compromise. What’s the threat? Details are limited, however, this has been reported as suffering active exploitation against versions of iOS prior to 15.1 and the threat should be considered severe. What’s the mitigation? Proxy servers designed to block access to sites based current threat intelligence may reduce the risk of users being exposed to maliciously crafted content before updates can be applied. What’s the fix? Apply the latest Apple . security updates What’s the weakness? is the common weakness where software has not been designed to correctly convert an object from one type to another. This occurs when code uses an object without checking it is as expected. This can lead to the wrong pointers or data being fed into a function, which can allow for code execution from data provided as the object. CWE-704 As type confusion can allow for direct execution of arbitrary code at a privileged level, it is an important weakness to check for. Prevention is best through ensuring that developers apply appropriate type checking whenever accepting input and safely discard any inputs which do not match the expected types correctly. The Details Due to reports of active exploitation, remediation activity falls under CISA’s meaning that applying remediation is required by federal agencies within 60 days of patch release. BOD 22-01

Read My Stories

Too Long; Didn't Read

Questions about cloud security? Get answers here.

CVE-2022-42856: Adjoining Splittail Vulnerability Report

Too Long; Didn't Read

James Bore

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

CVE-2022-42856: Adjoining Splittail Vulnerability Report

Too Long; Didn't Read

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

RELATED STORIES