Apple Security Alert: applies to; iOS, iPadOS, macOS, Safari
An out-of bound write issue in WebKit and the operating system's kernel (iOS, macOS and iPadOS) was identified as a vulnerability that can be exploited by a malicious application. That can lead to arbitrary code execution with kernel privileges. This remote code execution flaw can be exploited by accessing a website or URL that has been crafted to exploit this vulnerability. Especially in iOS and iPadOS, all software that offers web browsing functionality must be based on WebKitwhich makes the system vulnerable even browsing with a different browser. Please patch your devices as soon as possible! This vulnerability is actively being exploited.
Reference CVEs:
macOS: CVE-2022-32894, CVE-2022-32893
iOS: CVE-2022-32894, CVE-2022-32893
Safari: CVE-2022-32893
https://support.apple.com/en-us/HT213413