{"vulnerability": "CVE-2022-32948", "sightings": [{"uuid": "bd282d6b-9bb4-4b31-85e8-b39eb2d879be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/BloodyofcProof/153", "content": "kernel r/w exploit for iOS 15 and macOS 12 \n\n\nCVE-2022-32845 : aned signature check bypass for model.hwx.\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\n\ud83d\udcf1\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.\n\nFollow: Kingsman", "creation_timestamp": "2023-01-11T20:29:17.000000Z"}, {"uuid": "16d905e3-8e69-4ff9-a8a8-86c28787758d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/VENOMOUS7t1/1536", "content": "kernel r/w exploit for iOS 15 and macOS 12 \n\n\nCVE-2022-32845 : aned signature check bypass for model.hwx.\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\n\ud83d\udcf1\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.\n\nShare and join : @afraxratofficials", "creation_timestamp": "2023-09-19T13:50:29.000000Z"}, {"uuid": "2c051672-1b71-4caf-9947-631d7376b366", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "Telegram/wFjLsrXfOjTC_RSiQNlk4mhDivMVF1sPgYUZ0DXVWMcgKKw", "content": "", "creation_timestamp": "2022-11-19T23:36:08.000000Z"}, {"uuid": "fb6929fc-1534-4260-a606-1e2c3d5cce87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "Telegram/ybUwh9LDZgVdO3P36AJSTnUkuciGW721dGm-1ch46pdTmQ", "content": "", "creation_timestamp": "2022-11-12T14:57:45.000000Z"}, {"uuid": "03132afa-73af-416b-a1ff-126273fdf59f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "Telegram/j1JpK9ov52voeLmhAvzE5bQ_t2pg9kk-XzMoFlMR1gHdjg", "content": "", "creation_timestamp": "2023-01-12T04:34:51.000000Z"}, {"uuid": "4ec3bdaa-a0c8-4aa6-bb25-eeef832418d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4324", "content": "Kernel r/w Exploit for iOS 15 and macOS 12 \n\nCVE-2022-32845 : aned signature check bypass for model.hwx.\n\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\n\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\n\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\nTested On : \n\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.\n\n#IOS #Exploit\n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2022-11-12T16:32:03.000000Z"}, {"uuid": "082e2a8e-5df2-49bc-98b8-f33cf6630773", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/weareaig/12748", "content": "kernel r/w exploit for iOS 15 and macOS 12 \n\n\nCVE-2022-32845 : aned signature check bypass for model.hwx.\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\n\ud83d\udcf1\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.", "creation_timestamp": "2022-12-22T15:41:35.000000Z"}, {"uuid": "558311a9-7b86-4404-913a-b382614935b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1170", "content": "kernel r/w exploit for iOS 15 and macOS 12 \n*\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u0435\u0442 4 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\nCVE-2022-32845 : aned signature check bypass for model.hwx.\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\n\u041f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u043d\u0430:\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.", "creation_timestamp": "2022-11-11T21:17:44.000000Z"}, {"uuid": "8b6632cb-c493-4cad-a8b3-36b869437139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12537", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32948\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.\n\ud83d\udccf Published: 2022-12-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T19:16:01.190Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213345\n2. https://support.apple.com/en-us/HT213346", "creation_timestamp": "2025-04-18T19:59:12.000000Z"}, {"uuid": "e0a53acb-9e1f-4266-bcce-5c38142b4db2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "Telegram/q04hnxfYFQjRLZLmMEhzxJlEctqDxDNihExyi-d7b7wDJg", "content": "", "creation_timestamp": "2024-05-03T15:01:39.000000Z"}, {"uuid": "d2e40ec1-2d41-441e-965e-fd6dfe81956a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/HackingVidhya/345", "content": "kernel r/w exploit for iOS 15 and macOS 12 \n\n\nCVE-2022-32845 : aned signature check bypass for model.hwx.\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\n\ud83d\udcf1\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.\n\n\u27a1\ufe0f PLEASE GIVE REACTION \u2620\ufe0f\n\n\u2b50FOR MORE\u27a1\ufe0f \n\n\ud83d\udd38SHARE OUR CHANNEL IN YOUR GROUP OR CHANNEL HELP US TO GROW\ud83d\udd3b", "creation_timestamp": "2023-08-22T18:02:03.000000Z"}, {"uuid": "9811cfc3-da06-45a7-9da8-57f6cb62a859", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/lordofficials2/981", "content": "kernel r/w exploit for iOS 15 and macOS 12 \n\n\nCVE-2022-32845 : aned signature check bypass for model.hwx.\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\n\ud83d\udcf1\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.", "creation_timestamp": "2023-09-03T06:12:59.000000Z"}, {"uuid": "7aaf1807-5ae0-4632-a842-be67fae7afca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/weareaig/334", "content": "kernel r/w exploit for iOS 15 and macOS 12 \n\n\nCVE-2022-32845 : aned signature check bypass for model.hwx.\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\n\ud83d\udcf1\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.", "creation_timestamp": "2022-12-22T15:41:35.000000Z"}, {"uuid": "878f58e7-5c4a-40ae-b5d8-e25764f6e189", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/HackingAndCrackingTools/367", "content": "kernel r/w exploit for iOS 15 and macOS 12 \n\n\nCVE-2022-32845 : aned signature check bypass for model.hwx.\nCVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.\nCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\nCVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\n\ud83d\udcf1\niPhone12 Pro (iPhone13,3) with iOS 15.5.\niPad Pro (iPad8,10) with iPadOS 15.5.\niPhone11 Pro (iPhone12,3) with iOS 15.4.1.\nMacBookAir10,1 M1 with macOS 12.4.\n\n\u27a1\ufe0f PLEASE GIVE REACTION \u2620\ufe0f\n\n\ud83d\udd38SHARE OUR CHANNEL IN YOUR GROUP OR CHANNEL HELP US TO GROW\ud83d\udd3b", "creation_timestamp": "2023-10-18T22:22:08.000000Z"}, {"uuid": "58bcdb0a-6327-44e8-9bb9-9028e2a20388", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/atlantiscyberarmy/12747", "content": "\ud83d\udcf2 In the neural engine from apple (ANE), which is essentially an NPU and the first generation appeared in the A11 chip, as part of it.\n\n\ud83d\udcbeCVE-2022-32845 - aned signature check bypass for model.hwx\n\n\ud83d\udcbeCVE-2022-32948 - DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation\n\n\ud83d\udcbeCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\n\n\ud83d\udcbeCVE-2022-32899 - DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\nActually, these kernel waves affected almost all iOS versions from 15 to 16 (15 - 15.5), except for sbx, which was fixed in iOS 15.6. Therefore, for successful operation on iOS 15.6/15.7 devices, it is necessary to break the sploitchain and re-make sbx. WeightBufs - nuclear r / w splits (as stated - affects all apple devices with ANE support, which combines these waves and, in addition to the aforementioned iOS versions, also affects macOS versions: 12 - 12.4.", "creation_timestamp": "2023-05-05T00:57:58.000000Z"}, {"uuid": "5f128f54-b6a4-43cb-bb61-d99a79878c5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "seen", "source": "https://t.me/breachdetector/141517", "content": "{\n  \"Source\": \"https://t.me/documentors\",\n  \"Content\": \"weightBufs_iOS.zip 5.5 MB \ud83d\udcf2 In the neural engine from apple (ANE), which is essentially an NPU and the first generation appeared in the A11 chip, as part of it. \ud83d\udcbeCVE-2022-32845 - aned signature check bypass for model.hwx \ud83d\udcbeCVE-2022-32948 - DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation \ud83d\udcbeCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue. \ud83d\udcbeCVE-2022-32899 - DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue. Actually, these kernel waves affected almost all iOS versions from 15 to 16 (15 - 15.5), except for sbx, which was fixed in iOS 15.6. Therefore, for successful operation on iOS 15.6/15.7 devices, it is necessary to break the sploitchain and re-make sbx. WeightBufs - nuclear r / w splits (as stated - affects all apple devices with ANE support, which combines these waves and, in addition to the aforementioned iOS versions, also affects macOS versions: 12 - 12.4.\u200c\u200c https://t.me/documentors\", \n  \"author\": \"\u2693\ufe0f\ud835\udd07\ud835\udd2c\ud835\udd20\ud835\udd32\ud835\udd2a\ud835\udd22\ud835\udd2b\ud835\udd31\ud835\udd2c\ud835\udd2f\",\n  \"Detection Date\": \"13 Nov 2022\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 Data Leak monitoring system\ud83d\udd39", "creation_timestamp": "2022-11-13T21:32:38.000000Z"}, {"uuid": "e4943048-2440-40ff-ba82-f03b5ba2baf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/140722", "content": "{\n  \"Source\": \"https://t.me/documentors\",\n  \"Content\": \"exploit for iOS 15_macOS 12.zip 5.5 MB kernel r/w exploit for iOS 15 and macOS 12 CVE-2022-32845 : aned signature check bypass for model.hwx. CVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation. CVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue. CVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue. \ud83d\udcf1 iPhone12 Pro (iPhone13,3) with iOS 15.5. iPad Pro (iPad8,10) with iPadOS 15.5. iPhone11 Pro (iPhone12,3) with iOS 15.4.1. MacBookAir10,1 M1 with macOS 12.4.\", \n  \"author\": \"\u2693\ufe0f\ud835\udd07\ud835\udd2c\ud835\udd20\ud835\udd32\ud835\udd2a\ud835\udd22\ud835\udd2b\ud835\udd31\ud835\udd2c\ud835\udd2f\",\n  \"Detection Date\": \"12 Nov 2022\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 Data Leak monitoring system\ud83d\udd39", "creation_timestamp": "2022-11-12T12:52:39.000000Z"}, {"uuid": "24fb6ed7-af19-4dcd-aa36-2b151a77d805", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32948", "type": "published-proof-of-concept", "source": "https://t.me/professional_c_h/1850", "content": "\ud83d\udd25\ud83d\udd25\ud83d\udd25 In apple's neural engine(ANE), which is essentially an NPU and the first generation appeared back in the A11 chip as part of it, Mohamed recently discovered several vulnerabilities: \n\ud83d\udcbeCVE-2022-32845 - aned signature check bypass for model.hwx\n\ud83d\udcbeCVE-2022-32948 - DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation\n\ud83d\udcbeCVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.\n\ud83d\udcbeCVE-2022-32899 - DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.\n\nChannel:\n@Professional_c_h\n@card_crack_hack", "creation_timestamp": "2022-11-24T15:47:29.000000Z"}]}