{"vulnerability": "CVE-2022-3294", "sightings": [{"uuid": "8b6632cb-c493-4cad-a8b3-36b869437139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12537", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32948\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.\n\ud83d\udccf Published: 2022-12-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T19:16:01.190Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213345\n2. https://support.apple.com/en-us/HT213346", "creation_timestamp": "2025-04-18T19:59:12.000000Z"}, {"uuid": "bd282d6b-9bb4-4b31-85e8-b39eb2d879be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/BloodyofcProof/153", "content": "kernel r/w exploit for iOS 15 and macOS 12 \n\n\nCVE-2022-32845 : aned signature check bypass for model.hwx.\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\n\ud83d\udcf1\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.\n\nFollow: Kingsman", "creation_timestamp": "2023-01-11T20:29:17.000000Z"}, {"uuid": "a95c71ba-1c29-4f6f-8003-f1316e9a822e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32946", "type": "seen", "source": "https://t.me/codeby_sec/6761", "content": "\u200b\ud83d\udd2e \u041e\u0448\u0438\u0431\u043a\u0430 \u0432 iOS \u0438 macOS \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043f\u043e\u0434\u0441\u043b\u0443\u0448\u0430\u0442\u044c \u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u0441 Siri\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0413\u0438\u043b\u044c\u0435\u0440\u043c\u0435 \u0420\u044d\u043c\u0431\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u043d\u043e\u0432\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 iOS \u0438 macOS. \u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 Bluetooth \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0441 \u0433\u043e\u043b\u043e\u0441\u043e\u0432\u044b\u043c \u043f\u043e\u043c\u043e\u0449\u043d\u0438\u043a\u043e\u043c Siri.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Apple, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043c\u043e\u0433\u043b\u043e \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0437\u0432\u0443\u043a \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0435 \u043d\u0430\u0443\u0448\u043d\u0438\u043a\u0438 AirPods. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u043b\u0430\u0441\u044c \u0432 Core Bluetooth. \u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2022 \u0433\u043e\u0434\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 SiriSpy (CVE-2022-32946).\n\n\u00ab\u041e\u0431\u0440\u0430\u0442\u0438\u0442\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435, \u0447\u0442\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c\u0443 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044e \u043d\u0435\u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043c\u0438\u043a\u0440\u043e\u0444\u043e\u043d\u0430. \u0422\u0430\u043a\u0430\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 \u0434\u0430\u0436\u0435 \u043d\u0435 \u043e\u0441\u0442\u0430\u0432\u0438\u0442 \u0441\u043b\u0435\u0434\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b \u0433\u043e\u0432\u043e\u0440\u0438\u043b\u0438 \u043e\u0431 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0449\u0435\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u00bb, \u2014 \u043f\u0438\u0448\u0435\u0442 \u0420\u044d\u043c\u0431\u043e.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c\u0438 \u0432 \u043d\u043e\u0432\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 iOS 16.1 \u0438 macOS 13. \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u0432\u0441\u0435\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\n\ud83d\uddde \u0411\u043b\u043e\u0433 \u041a\u043e\u0434\u0435\u0431\u0430\u0439\n\n#news #apple #data", "creation_timestamp": "2022-10-27T13:18:14.000000Z"}, {"uuid": "7cb571dd-f462-4f90-b86d-3ceab261ce28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32943", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12700", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32943\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication.\n\ud83d\udccf Published: 2022-12-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T15:19:48.118Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213532\n2. https://support.apple.com/en-us/HT213530\n3. http://seclists.org/fulldisclosure/2022/Dec/20\n4. http://seclists.org/fulldisclosure/2022/Dec/23", "creation_timestamp": "2025-04-21T16:03:08.000000Z"}, {"uuid": "4c01c80a-1ac2-48b4-b6d9-4e3983002356", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32942", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12697", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32942\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. An app may be able to execute arbitrary code with kernel privileges.\n\ud83d\udccf Published: 2022-12-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T15:21:24.886Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213532\n2. https://support.apple.com/en-us/HT213534\n3. https://support.apple.com/en-us/HT213533\n4. http://seclists.org/fulldisclosure/2022/Dec/25\n5. http://seclists.org/fulldisclosure/2022/Dec/23\n6. http://seclists.org/fulldisclosure/2022/Dec/24", "creation_timestamp": "2025-04-21T16:03:05.000000Z"}, {"uuid": "511bf3bd-66af-4d99-85b7-df052200160a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32945", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12701", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32945\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An access issue was addressed with additional sandbox restrictions on third-party apps. This issue is fixed in macOS Ventura 13. An app may be able to record audio with paired AirPods.\n\ud83d\udccf Published: 2022-12-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T15:18:41.279Z\n\ud83d\udd17 References:\n1. https://support.apple.com/kb/HT213489\n2. https://support.apple.com/en-us/HT213488", "creation_timestamp": "2025-04-21T16:03:09.000000Z"}, {"uuid": "ce3e916a-589c-42d0-9f1b-2285f6986b60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32947", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15171", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32947\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T18:01:34.762Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213488\n2. https://support.apple.com/en-us/HT213489\n3. https://support.apple.com/en-us/HT213491", "creation_timestamp": "2025-05-06T18:21:26.000000Z"}, {"uuid": "665a684d-7be5-43eb-98f1-47daaedc8582", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32947", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/367", "content": "Top Security News for 18/09/2023\n\nAccount Takeover in Canvas Apps served in Comet due to failure in Cross-Window-Message Origin validation\nhttps://www.reddit.com/r/netsec/comments/16l167p/account_takeover_in_canvas_apps_served_in_comet/ \n\nCVE-2022-32947: macOS GPU-launched kernel privilege escalation exploit (walkthrough slides + demo)\nhttps://www.reddit.com/r/netsec/comments/16kwvfl/cve202232947_macos_gpulaunched_kernel_privilege/ \n\nTickling ksmbd: fuzzing SMB in the Linux kernel\nhttps://www.reddit.com/r/netsec/comments/16kvckv/tickling_ksmbd_fuzzing_smb_in_the_linux_kernel/ \n\nISC Stormcast For Monday, September 18th, 2023 https://isc.sans.edu/podcastdetail/8662, (Mon, Sep 18th)\nhttps://malware.news/t/isc-stormcast-for-monday-september-18th-2023-https-isc-sans-edu-podcastdetail-8662-mon-sep-18th/73542#post_1 \n\nFinancially Motivated UNC3944 Threat Actor Shifts Focus to Ransomware Attacks\nhttps://thehackernews.com/2023/09/financially-motivated-unc3944-threat.html \n\nNorth Korea's Lazarus Group Suspected in $31 Million CoinEx Heist\nhttps://thehackernews.com/2023/09/north-koreas-lazarus-group-suspected-in.html \n\nAccount Takeover in Canvas Apps served in Comet due to failure in Cross-Window-Message Origin validation\nhttps://www.reddit.com/r/netsec/comments/16l167p/account_takeover_in_canvas_apps_served_in_comet/ \n\nClop gang stolen data from major North Carolina hospitals\nhttps://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html \n\nA Practical Approach to SBOM in CI/CD. Presenting concept of SBOM, its advantages, popular formats and practical implementations for both Java and Python projects.\nhttps://www.reddit.com/r/netsec/comments/16l5vtu/a_practical_approach_to_sbom_in_cicd_presenting/ \n\nCVE-2023-34040 Spring Kafka Deserialization Remote Code Execution\nhttps://www.reddit.com/r/netsec/comments/16kvb77/cve202334040_spring_kafka_deserialization_remote/ \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2023-09-18T07:00:08.000000Z"}, {"uuid": "6bb6dad9-00fd-48d4-b301-0b3b2ce52183", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32944", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15168", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32944\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to execute arbitrary code with kernel privileges.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T18:04:49.365Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213488\n2. https://support.apple.com/en-us/HT213493\n3. https://support.apple.com/en-us/HT213494\n4. https://support.apple.com/en-us/HT213489\n5. https://support.apple.com/en-us/HT213492\n6. https://support.apple.com/en-us/HT213491\n7. https://support.apple.com/en-us/HT213490", "creation_timestamp": "2025-05-06T18:21:22.000000Z"}, {"uuid": "08a619dc-321e-4568-b376-b9c65c8c33f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32941", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15166", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32941\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The issue was addressed with improved bounds checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A buffer overflow may result in arbitrary code execution.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T18:06:50.859Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213488\n2. https://support.apple.com/en-us/HT213493\n3. https://support.apple.com/en-us/HT213494\n4. https://support.apple.com/en-us/HT213489\n5. https://support.apple.com/en-us/HT213490", "creation_timestamp": "2025-05-06T18:21:20.000000Z"}, {"uuid": "4de5acdf-18f6-40cc-85e3-57fcac62233e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32946", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15170", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32946\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: This issue was addressed with improved entitlements. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to record audio using a pair of connected AirPods.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T18:03:33.775Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213489", "creation_timestamp": "2025-05-06T18:21:25.000000Z"}, {"uuid": "558311a9-7b86-4404-913a-b382614935b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1170", "content": "kernel r/w exploit for iOS 15 and macOS 12 \n*\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u0435\u0442 4 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\nCVE-2022-32845 : aned signature check bypass for model.hwx.\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\n\u041f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u043d\u0430:\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.", "creation_timestamp": "2022-11-11T21:17:44.000000Z"}, {"uuid": "e0a53acb-9e1f-4266-bcce-5c38142b4db2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "Telegram/q04hnxfYFQjRLZLmMEhzxJlEctqDxDNihExyi-d7b7wDJg", "content": "", "creation_timestamp": "2024-05-03T15:01:39.000000Z"}, {"uuid": "16d905e3-8e69-4ff9-a8a8-86c28787758d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/VENOMOUS7t1/1536", "content": "kernel r/w exploit for iOS 15 and macOS 12 \n\n\nCVE-2022-32845 : aned signature check bypass for model.hwx.\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\n\ud83d\udcf1\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.\n\nShare and join : @afraxratofficials", "creation_timestamp": "2023-09-19T13:50:29.000000Z"}, {"uuid": "d2e40ec1-2d41-441e-965e-fd6dfe81956a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/HackingVidhya/345", "content": "kernel r/w exploit for iOS 15 and macOS 12 \n\n\nCVE-2022-32845 : aned signature check bypass for model.hwx.\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\n\ud83d\udcf1\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.\n\n\u27a1\ufe0f PLEASE GIVE REACTION \u2620\ufe0f\n\n\u2b50FOR MORE\u27a1\ufe0f \n\n\ud83d\udd38SHARE OUR CHANNEL IN YOUR GROUP OR CHANNEL HELP US TO GROW\ud83d\udd3b", "creation_timestamp": "2023-08-22T18:02:03.000000Z"}, {"uuid": "7aaf1807-5ae0-4632-a842-be67fae7afca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/weareaig/334", "content": "kernel r/w exploit for iOS 15 and macOS 12 \n\n\nCVE-2022-32845 : aned signature check bypass for model.hwx.\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\n\ud83d\udcf1\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.", "creation_timestamp": "2022-12-22T15:41:35.000000Z"}, {"uuid": "9811cfc3-da06-45a7-9da8-57f6cb62a859", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/lordofficials2/981", "content": "kernel r/w exploit for iOS 15 and macOS 12 \n\n\nCVE-2022-32845 : aned signature check bypass for model.hwx.\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\n\ud83d\udcf1\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.", "creation_timestamp": "2023-09-03T06:12:59.000000Z"}, {"uuid": "878f58e7-5c4a-40ae-b5d8-e25764f6e189", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/HackingAndCrackingTools/367", "content": "kernel r/w exploit for iOS 15 and macOS 12 \n\n\nCVE-2022-32845 : aned signature check bypass for model.hwx.\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\n\ud83d\udcf1\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.\n\n\u27a1\ufe0f PLEASE GIVE REACTION \u2620\ufe0f\n\n\ud83d\udd38SHARE OUR CHANNEL IN YOUR GROUP OR CHANNEL HELP US TO GROW\ud83d\udd3b", "creation_timestamp": "2023-10-18T22:22:08.000000Z"}, {"uuid": "5f128f54-b6a4-43cb-bb61-d99a79878c5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "seen", "source": "https://t.me/breachdetector/141517", "content": "{\n  \"Source\": \"https://t.me/documentors\",\n  \"Content\": \"weightBufs_iOS.zip 5.5 MB \ud83d\udcf2 In the neural engine from apple (ANE), which is essentially an NPU and the first generation appeared in the A11 chip, as part of it. \ud83d\udcbeCVE-2022-32845 - aned signature check bypass for model.hwx \ud83d\udcbeCVE-2022-32948 - DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation \ud83d\udcbeCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue. \ud83d\udcbeCVE-2022-32899 - DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue. Actually, these kernel waves affected almost all iOS versions from 15 to 16 (15 - 15.5), except for sbx, which was fixed in iOS 15.6. Therefore, for successful operation on iOS 15.6/15.7 devices, it is necessary to break the sploitchain and re-make sbx. WeightBufs - nuclear r / w splits (as stated - affects all apple devices with ANE support, which combines these waves and, in addition to the aforementioned iOS versions, also affects macOS versions: 12 - 12.4.\u200c\u200c https://t.me/documentors\", \n  \"author\": \"\u2693\ufe0f\ud835\udd07\ud835\udd2c\ud835\udd20\ud835\udd32\ud835\udd2a\ud835\udd22\ud835\udd2b\ud835\udd31\ud835\udd2c\ud835\udd2f\",\n  \"Detection Date\": \"13 Nov 2022\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 Data Leak monitoring system\ud83d\udd39", "creation_timestamp": "2022-11-13T21:32:38.000000Z"}, {"uuid": "082e2a8e-5df2-49bc-98b8-f33cf6630773", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/weareaig/12748", "content": "kernel r/w exploit for iOS 15 and macOS 12 \n\n\nCVE-2022-32845 : aned signature check bypass for model.hwx.\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\n\ud83d\udcf1\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.", "creation_timestamp": "2022-12-22T15:41:35.000000Z"}, {"uuid": "58bcdb0a-6327-44e8-9bb9-9028e2a20388", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/atlantiscyberarmy/12747", "content": "\ud83d\udcf2 In the neural engine from apple (ANE), which is essentially an NPU and the first generation appeared in the A11 chip, as part of it.\n\n\ud83d\udcbeCVE-2022-32845 - aned signature check bypass for model.hwx\n\n\ud83d\udcbeCVE-2022-32948 - DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation\n\n\ud83d\udcbeCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\n\n\ud83d\udcbeCVE-2022-32899 - DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\nActually, these kernel waves affected almost all iOS versions from 15 to 16 (15 - 15.5), except for sbx, which was fixed in iOS 15.6. Therefore, for successful operation on iOS 15.6/15.7 devices, it is necessary to break the sploitchain and re-make sbx. WeightBufs - nuclear r / w splits (as stated - affects all apple devices with ANE support, which combines these waves and, in addition to the aforementioned iOS versions, also affects macOS versions: 12 - 12.4.", "creation_timestamp": "2023-05-05T00:57:58.000000Z"}, {"uuid": "985c30ba-127f-4d5b-affe-257c87acba54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32946", "type": "seen", "source": "https://t.me/true_secator/3627", "content": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u0432\u0448\u0430\u044f \u0432 Apple iOS \u0438 macOS \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a Bluetooth \u043f\u043e\u0434\u0441\u043b\u0443\u0448\u0438\u0432\u0430\u0442\u044c \u0440\u0430\u0437\u0433\u043e\u0432\u043e\u0440\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 Siri \u0438 \u0444\u043e\u043d\u043e\u0432\u044b\u0439 \u0437\u0432\u0443\u043a.\n\n\u041e\u0448\u0438\u0431\u043a\u0443 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u0413\u0438\u043b\u044c\u0435\u0440\u043c\u0435 \u0420\u044d\u043c\u0431\u043e \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2022 \u0433\u043e\u0434\u0430, \u0435\u0439 \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2022-32946. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 Core Bluetooth \u0431\u044b\u043b\u0430 \u0440\u0435\u0448\u0435\u043d\u0430 \u0432 iOS 16.1.\n\nApple \u043f\u043e\u044f\u0441\u043d\u0438\u043b\u0430, \u0447\u0442\u043e \u043b\u044e\u0431\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a Bluetooth \u043c\u043e\u0433\u043b\u043e \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0440\u0430\u0437\u0433\u043e\u0432\u043e\u0440\u044b \u0441 Siri \u0438 \u0437\u0432\u0443\u043a \u0438\u0437 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0434\u0438\u043a\u0442\u043e\u0432\u043a\u0438 \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u044b iOS \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0433\u0430\u0440\u043d\u0438\u0442\u0443\u0440 AirPods \u0438\u043b\u0438 Beats.\n\n\u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044e \u043d\u0435 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b\u0441\u044f \u0437\u0430\u043f\u0440\u043e\u0441 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043d\u0430 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043c\u0438\u043a\u0440\u043e\u0444\u043e\u043d\u0443 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043d\u0435 \u043e\u0441\u0442\u0430\u0432\u0438\u043b\u043e \u0431\u044b \u0434\u0430\u0436\u0435 \u043a\u0430\u043a\u0438\u0435-\u043b\u0438\u0431\u043e \u0441\u043b\u0435\u0434\u044b \u043f\u0440\u043e\u0441\u043b\u0443\u0448\u0438\u0432\u0430\u043d\u0438\u044f \u043c\u0438\u043a\u0440\u043e\u0444\u043e\u043d\u0430.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u0430, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441\u043e \u0441\u043b\u0443\u0436\u0431\u043e\u0439 DoAP, \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u043e\u0439 \u0432 AirPods \u0434\u043b\u044f \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 Siri \u0438 \u0414\u0438\u043a\u0442\u043e\u0432\u043a\u0438, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043a AirPods \u0447\u0435\u0440\u0435\u0437 Bluetooth \u0438 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0437\u0432\u0443\u043a \u0432 \u0444\u043e\u043d\u043e\u0432\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0434\u043e\u0441\u0442\u0443\u043f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043a Bluetooth, \u044d\u0442\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u043c\u043e\u0436\u043d\u043e \u043b\u0435\u0433\u043a\u043e \u043e\u0431\u043e\u0439\u0442\u0438, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0435 Bluetooth-\u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044e, \u043d\u0435 \u043e\u0441\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u044b \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043e\u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043f\u0443\u0442\u044c \u043a \u0440\u0430\u0437\u0433\u043e\u0432\u043e\u0440\u0430\u043c \u0441 Siri \u0438 \u0430\u0443\u0434\u0438\u043e \u0438\u0437 \u0434\u0438\u043a\u0442\u043e\u0432\u043a\u0438.\n\n\u0412 macOS \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Transparency, Consent and Control (TCC), \u0447\u0442\u043e \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u043b\u044e\u0431\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0440\u0430\u0437\u0433\u043e\u0432\u043e\u0440\u044b \u0441 Siri \u0431\u0435\u0437 \u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439.\n\n\u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440 \u043e\u0442\u043c\u0435\u0442\u0438\u043b, \u0447\u0442\u043e \u043f\u0440\u0438\u0447\u0438\u043d\u0430 \u0442\u0430\u043a\u043e\u0433\u043e \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a \u043f\u0440\u0430\u0432 \u0434\u043b\u044f \u0441\u043b\u0443\u0436\u0431\u044b BTLEServerAgent, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0435\u0439 \u0437\u0430 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u0437\u0432\u0443\u043a\u0430 DoAP.\n\n\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u043e\u0448\u0438\u0431\u043a\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0434\u043b\u044f iPhone 8 \u0438 \u043d\u043e\u0432\u0435\u0435, iPad Pro (\u0432\u0441\u0435 \u043c\u043e\u0434\u0435\u043b\u0438), iPad Air 3-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0438 \u043d\u043e\u0432\u0435\u0435, iPad 5-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0438 \u043d\u043e\u0432\u0435\u0435, \u0430 \u0442\u0430\u043a\u0436\u0435 iPad mini 5-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0438 \u043d\u043e\u0432\u0435\u0435.\n\n\u041e\u043d\u0430 \u0442\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0430 \u0440\u0435\u0448\u0435\u043d\u0430 \u0432\u043e \u0432\u0441\u0435\u0445\u00a0\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445\u00a0macOS.", "creation_timestamp": "2022-10-27T15:40:05.000000Z"}, {"uuid": "e4943048-2440-40ff-ba82-f03b5ba2baf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/140722", "content": "{\n  \"Source\": \"https://t.me/documentors\",\n  \"Content\": \"exploit for iOS 15_macOS 12.zip 5.5 MB kernel r/w exploit for iOS 15 and macOS 12 CVE-2022-32845 : aned signature check bypass for model.hwx. CVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation. CVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue. CVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue. \ud83d\udcf1 iPhone12 Pro (iPhone13,3) with iOS 15.5. iPad Pro (iPad8,10) with iPadOS 15.5. iPhone11 Pro (iPhone12,3) with iOS 15.4.1. MacBookAir10,1 M1 with macOS 12.4.\", \n  \"author\": \"\u2693\ufe0f\ud835\udd07\ud835\udd2c\ud835\udd20\ud835\udd32\ud835\udd2a\ud835\udd22\ud835\udd2b\ud835\udd31\ud835\udd2c\ud835\udd2f\",\n  \"Detection Date\": \"12 Nov 2022\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 Data Leak monitoring system\ud83d\udd39", "creation_timestamp": "2022-11-12T12:52:39.000000Z"}, {"uuid": "2c051672-1b71-4caf-9947-631d7376b366", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "Telegram/wFjLsrXfOjTC_RSiQNlk4mhDivMVF1sPgYUZ0DXVWMcgKKw", "content": "", "creation_timestamp": "2022-11-19T23:36:08.000000Z"}, {"uuid": "d1af8e7b-67cf-4032-891d-bf0c93d46c87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32946", "type": "seen", "source": "https://t.me/androidMalware/1683", "content": "SiriSpy - iOS bug allowed apps to eavesdrop on your conversations with Siri (CVE-2022-32946 - $7000 bounty)\n\"Any app with access to Bluetooth could record your conversations with Siri and audio from the iOS keyboard dictation feature when using AirPods or Beats headsets.\"\nhttps://rambo.codes/posts/2022-10-25-sirispy-ios-bug-allowed-apps-to-eavesdrop", "creation_timestamp": "2023-07-09T12:16:49.000000Z"}, {"uuid": "24fb6ed7-af19-4dcd-aa36-2b151a77d805", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/professional_c_h/1850", "content": "\ud83d\udd25\ud83d\udd25\ud83d\udd25 In apple's neural engine(ANE), which is essentially an NPU and the first generation appeared back in the A11 chip as part of it, Mohamed recently discovered several vulnerabilities: \n\ud83d\udcbeCVE-2022-32845 - aned signature check bypass for model.hwx\n\ud83d\udcbeCVE-2022-32948 - DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation\n\ud83d\udcbeCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\n\ud83d\udcbeCVE-2022-32899 - DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\nChannel:\n@Professional_c_h\n@card_crack_hack", "creation_timestamp": "2022-11-24T15:47:29.000000Z"}, {"uuid": "503f1acc-08be-4302-8a9c-3034d80adec7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32947", "type": "seen", "source": "https://t.me/cibsecurity/52428", "content": "\u203c CVE-2022-32947 \u203c\n\nThe issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-01T23:23:49.000000Z"}, {"uuid": "fb6929fc-1534-4260-a606-1e2c3d5cce87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "Telegram/ybUwh9LDZgVdO3P36AJSTnUkuciGW721dGm-1ch46pdTmQ", "content": "", "creation_timestamp": "2022-11-12T14:57:45.000000Z"}, {"uuid": "03132afa-73af-416b-a1ff-126273fdf59f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "Telegram/j1JpK9ov52voeLmhAvzE5bQ_t2pg9kk-XzMoFlMR1gHdjg", "content": "", "creation_timestamp": "2023-01-12T04:34:51.000000Z"}, {"uuid": "4ec3bdaa-a0c8-4aa6-bb25-eeef832418d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4324", "content": "Kernel r/w Exploit for iOS 15 and macOS 12 \n\nCVE-2022-32845 : aned signature check bypass for model.hwx.\n\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\n\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\n\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\nTested On : \n\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.\n\n#IOS #Exploit\n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2022-11-12T16:32:03.000000Z"}, {"uuid": "04561e00-020c-488e-aa3d-6ed078387d95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32946", "type": "seen", "source": "https://t.me/SecLabNews/12909", "content": "Apple \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043e\u0448\u0438\u0431\u043a\u0443 iOS, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c \u043f\u043e\u0434\u0441\u043b\u0443\u0448\u0438\u0432\u0430\u0442\u044c \u0440\u0430\u0437\u0433\u043e\u0432\u043e\u0440\u044b \u0441 Siri\n\n\u2014 \u041e\u0448\u0438\u0431\u043a\u0435, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0439 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 SiriSpy, \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2022-32946. \u0415\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u044b\u0439 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u0413\u0438\u043b\u044c\u0435\u0440\u043c\u0435 \u0420\u044d\u043c\u0431\u043e, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u043e \u043d\u0435\u0439 \u0432 Apple.\n\n\u2014 \u00ab\u041b\u044e\u0431\u043e\u0439 \u0441\u043e\u0444\u0442, \u0443 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0435\u0441\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a Bluetooth, \u043c\u043e\u0433 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0432\u0430\u0448\u0435 \u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u0441 Siri, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0433\u043e\u043b\u043e\u0441\u043e\u0432\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0434\u043b\u044f \u0432\u0432\u043e\u0434\u0430 \u0442\u0435\u043a\u0441\u0442\u0430 \u0432 iOS. \u0417\u0430\u043f\u0438\u0441\u044c \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0447\u0435\u0440\u0435\u0437 \u0433\u0430\u0440\u043d\u0438\u0442\u0443\u0440\u0443 AirPods \u0438\u043b\u0438 Beats\u00bb, \u2014 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b \u0420\u044d\u043c\u0431\u043e.\n\n\u2014 \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u0440\u044b\u043b\u0430\u0441\u044c \u0432 Core Bluetooth, \u0430 \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c iOS 16.1 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u0434\u044b\u0440\u0443.\n\n https://www.securitylab.ru/news/534562.php", "creation_timestamp": "2022-10-28T19:30:15.000000Z"}, {"uuid": "d9dcb377-c65a-4242-8285-77a15b5844c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32946", "type": "seen", "source": "https://t.me/kharchevnikov/3470", "content": "Apple \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043e\u0448\u0438\u0431\u043a\u0443 iOS, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c \u043f\u043e\u0434\u0441\u043b\u0443\u0448\u0438\u0432\u0430\u0442\u044c \u0440\u0430\u0437\u0433\u043e\u0432\u043e\u0440\u044b \u0441 Siri\n\n\u041e\u0448\u0438\u0431\u043a\u0435, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0439 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 SiriSpy, \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2022-32946. \u0415\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u044b\u0439 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u0413\u0438\u043b\u044c\u0435\u0440\u043c\u0435 \u0420\u044d\u043c\u0431\u043e, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u043e \u043d\u0435\u0439 \u0432 Apple.\n\n\u00ab\u041b\u044e\u0431\u043e\u0439 \u0441\u043e\u0444\u0442, \u0443 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0435\u0441\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a Bluetooth, \u043c\u043e\u0433 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0432\u0430\u0448\u0435 \u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u0441 Siri, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0433\u043e\u043b\u043e\u0441\u043e\u0432\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0434\u043b\u044f \u0432\u0432\u043e\u0434\u0430 \u0442\u0435\u043a\u0441\u0442\u0430 \u0432 iOS. \u0417\u0430\u043f\u0438\u0441\u044c \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0447\u0435\u0440\u0435\u0437 \u0433\u0430\u0440\u043d\u0438\u0442\u0443\u0440\u0443 AirPods \u0438\u043b\u0438 Beats\u00bb, \u2014 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b \u0420\u044d\u043c\u0431\u043e.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u0440\u044b\u043b\u0430\u0441\u044c \u0432 Core Bluetooth, \u0430 \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c iOS 16.1 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u0434\u044b\u0440\u0443.", "creation_timestamp": "2022-10-29T13:11:27.000000Z"}]}