CVE-2023-41993

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution....

Basic Information

CVE State: PUBLISHED
Reserved Date: September 06, 2023
Published Date: September 21, 2023
Last Updated: February 13, 2025
Vendor: Apple
Product: macOS
Description: The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

CVSS Scores

CVSS v3.1

8.8 - HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

SSVC Information

Exploitation: active
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2023-09-25 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2024-02-28 08:27:43 UTC) Source

References

https://support.apple.com/en-us/HT213940 https://security.gentoo.org/glsa/202401-33 https://security.netapp.com/advisory/ntap-20240426-0004/

Known Exploited Vulnerability Information

Source	Added Date
CISA	2023-09-25 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

J3Ss0u/CVE-2023-41993

Type: github • Created: 2024-02-28 08:27:43 UTC • Stars: 0

0x06060606/CVE-2023-41993

Type: github • Created: 2023-10-16 20:34:02 UTC • Stars: 6

CVE-2023-41993

po6ix/POC-for-CVE-2023-41993

Type: github • Created: 2023-10-15 12:14:18 UTC • Stars: 199