CVE-2023-38606

ENISA EUVD: EUVD-2023-42405 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: Feb. 18, 2026 20 articles Published: 2023-07-26

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

0.11%

probability

This CVE has a 0.11% probability of being exploited in the next 30 days.

0% Top 29.6th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

5.5

MEDIUM

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Description

VulnerabilityLookup (CNA)

This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.

Affected Products

Apple

tvOS

unspecified

Apple

iOS and iPadOS

unspecified

Apple

macOS

unspecified

Apple

iOS and iPadOS

unspecified

Apple

macOS

unspecified

apple

ipados

apple

iphone os

apple

macos

apple

tvos

apple

watchos

Apple

watchOS

unspecified <9.6

Apple

tvOS

unspecified <16.6

Apple

iOS and iPadOS

unspecified <16.6

Apple

macOS

unspecified <12.6

Apple

macOS

unspecified <13.5

Apple

macOS

unspecified <11.7

Apple

iOS and iPadOS

unspecified <15.7

Google Project Zero

Patched

July 24, 2023

Reported by

Valentin Pashkov, Mikhail Vinogradov, Georgy Kucherin (@kucher1n), Leonid Bezvershenko (@bzvr_), and Boris Larin (@oct0xor) of Kaspersky

Root Cause Analysis

???

https://support.apple.com/en-us/HT213846

https://support.apple.com/en-us/HT213841

https://support.apple.com/en-us/HT213843

https://support.apple.com/en-us/HT213842

https://support.apple.com/en-us/HT213845

https://support.apple.com/en-us/HT213844

Signal Intelligence

Confidenceⓘ

92%

EPSS 0.11%

CVSS v3.1 5.5

Mentions 20

Last Seen Mar 12, 2026

CNA Information

CNA Assigner

apple

Analyst Note

This CVE is confirmed as an actively exploited zero-day with evidence of sophisticated real-world attacks documented by Google Project Zero and multiple security publications. The vulnerability affects kernel state management across multiple Apple platforms and was patched across iOS, macOS, tvOS, and watchOS versions, indicating broad impact and validation of the threat.

Threat Actors 1

Kimsuky

apt_group Information theft and espionage 🇰🇷 KR

Triage Info

Decided atFeb 18, 2026

Published DateJul 26, 2023