KEVIntel
Back to KEVs
8.8
CVSS
High

CVE-2023-41993

PUBLISHED

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution....

Exploited in the wild Remote Low complexity
Vendor
Apple
Product
macOS
Published
Sep 21, 2023
EPSS

Description

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

macos ios cisa nessus_scanner

CVSS scores

CVSS v3.1 8.8 High

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitation status

Exploited in the wild

Recorded 2023-09-25 00:00:00 UTC · Source

SSVC decision points

Exploitation
active
Automatable
No
Technical impact
total

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA Sep 25, 2023

Scanner integrations

Scanner Reference Detected
Nessus https://www.tenable.com/plugins/nessus/236273 Jun 02, 2025

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

J3Ss0u/CVE-2023-41993

github · Created 2024-02-28 08:27:43 UTC · 0 stars

0x06060606/CVE-2023-41993

github · Created 2023-10-16 20:34:02 UTC · 6 stars

CVE-2023-41993

po6ix/POC-for-CVE-2023-41993

github · Created 2023-10-15 12:14:18 UTC · 199 stars

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel

  • Detected by Nessus