CVE-2023-41992

Published Sep 21, 2023

Last updated 4 months ago

Exploit knownCVSS high 7.8
Apple
macOS
iOS
iPadOS

Overview

AI description

Automated description summarized from trusted sources.

CVE-2023-41992 is a vulnerability affecting Apple's macOS Monterey, iOS, iPadOS, and macOS Ventura. It involves an unspecified issue that can be exploited by a local attacker to elevate their privileges on the system. The vulnerability was addressed by Apple with improved checks in the updated versions of the operating systems, specifically macOS Monterey 12.7, iOS 16.7, iPadOS 16.7, and macOS Ventura 13.6. There are reports indicating that this vulnerability may have been actively exploited in earlier versions of iOS before the release of iOS 16.7.

Description
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, macOS Ventura 13.6. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Source
product-security@apple.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Known exploits

Data from CISA

Vulnerability name
Apple Multiple Products Kernel Privilege Escalation Vulnerability
Exploit added on
Sep 25, 2023
Exploit action due
Oct 16, 2023
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Weaknesses

nvd@nist.gov
CWE-754
134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-754

Social media

Hype score
Not currently trending
  1. POC for CVE-2023-41992, a critical iOS kernel vuln . It affects multiple Apple platforms allowing malicious apps to bypass signature validation & gain elevated privileges. https://t.co/4ki9R9HwhR

    @minacrissDev_

    12 Jun 2025

    1896 Impressions

    7 Retweets

    15 Likes

    8 Bookmarks

    0 Replies

    0 Quotes

  2. cve-2023-41992 LPE https://t.co/3cIuIRust3

    @xcbjkymz

    8 Jun 2025

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    2 Replies

    0 Quotes

  3. cve-2023-41992-test https://t.co/tkAjPkSmED

    @xcbjkymz

    7 Jun 2025

    19 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  4. Drop a poc for CVE-2023-41992 here. Few people have discussed this vulnerability publicly. iOS kernel vulnerabilities may have entered another era since iOS 16&17 ... https://t.co/4ki9R9HwhR

    @minacrissDev_

    24 May 2025

    2392 Impressions

    13 Retweets

    42 Likes

    18 Bookmarks

    0 Replies

    0 Quotes

  5. Jailbreak news of the week: CVE-2023-41992 PoC shared, Trigon updated, another MacDirtyCow-like bug, & more… https://t.co/eJS1b5VWK8

    @iDownloadBlog

    18 May 2025

    4127 Impressions

    0 Retweets

    7 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  6. Top 5 Trending CVEs: 1 - CVE-2024-45332 2 - CVE-2025-4427 3 - CVE-2025-47889 4 - CVE-2025-4664 5 - CVE-2023-41992 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    17 May 2025

    147 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. POC for CVE-2023-41992, a critical iOS kernel vuln patched by Apple in 2023. It affects multiple Apple platforms allowing malicious apps to bypass signature validation & gain elevated privileges.

    @minacrissDev_

    16 May 2025

    321 Impressions

    1 Retweet

    3 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  8. Drop a poc for CVE-2023-41992 here. Few people have discussed this vulnerability publicly. iOS kernel vulnerabilities may have entered another era since iOS 16&17 ... https://t.co/xzWjXrTvzF

    @minacrissDev_

    15 May 2025

    1860 Impressions

    3 Retweets

    17 Likes

    4 Bookmarks

    1 Reply

    0 Quotes

  9. Security researcher shares PoC for CVE-2023-41992 local privilege escalation bug https://t.co/1gmtuDIpRv

    @iDownloadBlog

    15 May 2025

    2240 Impressions

    1 Retweet

    6 Likes

    1 Bookmark

    1 Reply

    0 Quotes

  10. Drop a poc for CVE-2023-41992 here. Few people have discussed this vulnerability publicly. iOS kernel vulnerabilities may have entered another era since iOS 16&17 ... https://t.co/9kXfJcFdHA

    @WHW_0x455

    12 May 2025

    290 Impressions

    0 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    1 Quote

Configurations