CVE-2023-41991

Published Sep 21, 2023

Last updated 4 months ago

Exploit known CVSS medium 5.5

Apple

iPadOS

iOS

macOS

Overview

AI description

Automated description summarized from trusted sources.

CVE-2023-41991 is a certificate validation vulnerability that affects macOS, iOS, and iPadOS. A malicious application could exploit this vulnerability to bypass signature validation. Apple has addressed this issue in macOS Ventura 13.6, iOS 16.7, and iPadOS 16.7. Apple is aware of reports indicating that this vulnerability may have been actively exploited against versions of iOS before 16.7. It was observed being exploited in an exploit chain, along with CVE-2023-41992 and CVE-2023-41993, to deploy Predator spyware on a target's mobile device.

Description: A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Source: product-security@apple.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Severity: MEDIUM

Known exploits

Data from CISA

Vulnerability name: Apple Multiple Products Improper Certificate Validation Vulnerability
Exploit added on: Sep 25, 2023
Exploit action due: Oct 16, 2023
Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Weaknesses

nvd@nist.gov: CWE-295
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-295

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score: 25

CoreTrust 2 TROLLSTORE Exploit (CVE-2023-41991) Full Details FINALLY RELEASED! It's SCARY! 🔥 NEW VIDEO: https://t.co/BuqsmmWH0h We're discussing the release of a complete analysis for CVE-2023-41991, the heart of TrollStore 2. We always knew it was a vulnerability that was
@FCE365
20 Jun 2025
11626 Impressions
14 Retweets
76 Likes
16 Bookmarks
7 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CEB5BA1-7092-4ADE-B19F-FD34CB53CCC3",
            "versionEndExcluding": "16.7"
          },
          {
            "criteria": "cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD0EE39C-DEC4-475C-8661-5BD76457A39E"
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FC8EB94-1D4F-4CE8-83D0-9086D1EBBC8F",
            "versionEndExcluding": "16.7"
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:17.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "502CD624-FA22-4C7B-9CA3-53CA938BE1AB"
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A78DA60-AE3B-4B3C-B338-97DAFABEBB1F",
            "versionEndExcluding": "13.6",
            "versionStartIncluding": "13.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.