Share This:

This week, Apple has released security updates to iOS, iPadOS, macOS, tvOS, and Safari web browser to address a new zero-day vulnerability that could result in the execution of malicious code. This vulnerability could potentially allow threat actors to bypass authentication and execute arbitrary code with kernel. This vulnerability is tracked as CVE-2022-42856 (broken authentication method) and has not yet received a CVSSv3 base scores. Barracuda MSP recommends updating affected Apple products as soon as possible with the latest patch released for this vulnerability.

What is the threat?

A zero-day vulnerability exists in the Apple versions of iOS released before iOS 15.1. The critical vulnerability, CVE-2022-42856, makes it possible for a malicious threat actor to trigger the WebKit browser by inputting specially crafted content leading to arbitrary code execution.

Why is it noteworthy?

Apple provides multiple operating systems that are used commercially, privately, and globally in all sectors. Vulnerabilities with these operating systems can be dangerous because upon successful exploitation, threat actors will have unlimited access.

Apple has had 9 other zero-day vulnerabilities this year, such as the one in November, CVE-2022-32917, which was classified as critical.

What is the exposure or risk?

Successful exploitation allows a malicious actor to execute any number of arbitrary codes as an admin user, giving them full control of your network thus bypassing any security protocols that have been put in place. This can open the door to a ransomware event, business email compromise that can lead to temporary or permanent loss of sensitive or proprietary information, disruption to regular operations, financial losses, and potential harm to an organization’s reputation.

What are the recommendations?

Barracuda MSP recommends the following actions to limit the impact of an arbitrary code execution attack:

References

For more in-depth information about the recommendations, please visit the following links:

Apple Support – Security Updates

Barracuda Solutions for Ransomware | Barracuda Networks

If you have any questions, please contact our Security Operations Center.


Share This:
Kevin Ghee

Posted by Kevin Ghee

Kevin is a Cybersecurity Analyst at Barracuda MSP. He's a security expert, working on our Blue Team within our Security Operations Center. Kevin supports our XDR service delivery and is highly skilled at analyzing security events to detect cyber threats, helping keep our partners and their customers protected.

All Posts

Leave a reply

Your email address will not be published. Required fields are marked *