CVE-2023-41995

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 27, 2023
Updated: Dec 22, 2023
CWE ID 416

Summary

CVE-2023-41995 is a use-after-free vulnerability that has been addressed in iOS 17 and iPadOS 17, as well as macOS Sonoma 14. This issue arises from improper memory management within the affected operating systems. A malicious app can exploit this flaw to execute arbitrary code with kernel privileges. This type of vulnerability can lead to significant security risks if left unpatched, making it crucial for users to install the latest software updates.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Apple (iPhone OS)
  • MacOS
  • iPadOS

Affected Vendors

  • Apple