CVE-2023-42824

Published Oct 4, 2023

Last updated 4 months ago

Exploit knownCVSS high 7.8
Apple
iOS

Overview

Description
The issue was addressed with improved checks. This issue is fixed in iOS 16.7.1 and iPadOS 16.7.1. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6.
Source
product-security@apple.com
NVD status
Analyzed
Products
ipados, iphone_os

Risk scores

CVSS 3.1

Type
Primary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Known exploits

Data from CISA

Vulnerability name
Apple iOS and iPadOS Kernel Privilege Escalation Vulnerability
Exploit added on
Oct 5, 2023
Exploit action due
Oct 26, 2023
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Weaknesses

nvd@nist.gov
NVD-CWE-noinfo

Social media

Hype score
Not currently trending

  1. GitHub - 619555798/cve-2023-42824: cow bypass I saw this ios poc on GitHub is this true? really? https://t.co/cmb9whal7p

    @xcbjkymz

    14 Feb 2026

    85 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. Cve-2023-42824 cow bypass后,好像和mdc1差别还挺大的。

    @xcbjkymz

    11 Feb 2026

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. a rough version of CVE-2023-42824(vo_copy) exploitation. https://t.co/gwCWU66AgS

    @minacrissDev_

    7 Nov 2025

    598 Impressions

    0 Retweets

    3 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  4. a rough version of CVE-2023-42824(vo_copy) exploitation. https://t.co/EPDO9gv4yX

    @ProteasWang

    7 Nov 2025

    5050 Impressions

    6 Retweets

    73 Likes

    18 Bookmarks

    2 Replies

    0 Quotes

  5. CVE-2023-42824 (vo_copy) appears to only break CoW for anonymous memory. For now it looks like an intermediate step in an exploitation chain rather than the final vulnerability used for privilege escalation.

    @ProteasWang

    21 Oct 2025

    2166 Impressions

    1 Retweet

    13 Likes

    6 Bookmarks

    0 Replies

    0 Quotes

  6. Heard rumors (unconfirmed as of today at 1pm) about an update to the old 2023 security vulnerability in iOS 17’s kernel (CVE-2023-42824). This update uses same type of arbitrary code execution with kernel level privileges. This is a locally exploitable vulnerability,

    @zeroday31337

    4 Jan 2025

    29 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. A logic issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker may be able to discover a user’s deleted notes.CVE-2026-20682
  2. Apple Multiple Buffer Overflow VulnerabilityCVE-2026-20700
  3. A race condition was addressed with improved handling of symbolic links. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. A shortcut may be able to bypass sandbox restrictions.CVE-2026-20677
  4. An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An app may be able to access sensitive user data.CVE-2026-20678
  5. The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. A sandboxed app may be able to access sensitive user data.CVE-2026-20680

References

Sources include official advisories and independent security research.