Skip to content
May 19, 2025
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Primary Menu
  • Home
  • Cyber Security
  • Cybercriminals
  • Data Leak
  • Linux
  • Malware Attack
  • Open Source Tool
  • Technology
  • Vulnerability
  • Home
  • News
  • Vulnerability
  • Apple Warns of 0-Day CVE-2022-42856 vulnerability on older iPhones, iPads
  • Vulnerability

Apple Warns of 0-Day CVE-2022-42856 vulnerability on older iPhones, iPads

Ddos January 23, 2023 2 min read
CVE-2022-42856 vulnerability

Courtesy of Pixabay.

Apple on Wednesday released security updates for iOS, iPadOS, and iPod to remediate a zero-day vulnerability previously exploited by threat actors to compromise its devices.

Tracked as CVE-2022-42856, the vulnerability could allow a remote attacker to execute arbitrary code on the system, caused by a type confusion flaw in the WebKit component. By persuading a victim to open specially-crafted web content, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Apple confirmed in-the-wild exploitation of the vulnerability in an advisory warning about code execution flaws in the security content of iOS 12.5.7.

Courtesy of Pixabay.

“Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1,” the company warned.

The CVE-2022-42856 vulnerability affects iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation) devices. Apple has credited Clément Lecigne of Google’s Threat Analysis Group for finding this flaw.

The company did not disclose any additional information regarding these attacks or the identities of the threat actors perpetrating them, although it’s likely that they were abused as part of intrusions.

Now Apple fixed it to older versions so users can use the Safari browser more safely. It is recommended that users with older devices update the version in time.

Today, Apple also patched dozens of other security bugs in its Safari web browser and its latest macOS, iOS, and watchOS versions.

Rate this post

Found this helpful?

If this article helped you, please share it with others who might benefit.

Tags: CVE-2022-42856

Continue Reading

Previous: PoC Code for iOS 16.2/macOS Ventura code execution (CVE-2022-42864) Published
Next: PoC Code for Arm Mali GPU Kernel Driver Flaw (CVE-2022-38181) Published

Search

💙 Support Us!
We need 50 contributors this month to keep this site running.
10 of 50 supporters this month
☕ Buy Me a Coffee PayPalDonate
Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • Disclaimer
    • Privacy Policy
    • DMCA NOTICE
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    Copyright © All rights reserved.
    x