CVE-2023-41992

ENISA EUVD: EUVD-2023-46451 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: Feb. 18, 2026 17 articles Published: 2023-09-21

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

1.06%

probability

This CVE has a 1.06% probability of being exploited in the next 30 days.

0% Top 77.9th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

7.8

HIGH

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

VulnerabilityLookup (CNA)

The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, macOS Ventura 13.6. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

Affected Products

Apple

macOS

unspecified

Apple

iOS and iPadOS

unspecified

Apple

macOS

unspecified

apple

ipados

apple

iphone os

apple

macos

Apple

iOS and iPadOS

unspecified <16.7

Apple

macOS

unspecified <12.7

Apple

macOS

unspecified <13.6

Attack Intelligence

CWE-703 · Improper Check or Handling of Exceptional Conditions CWE-754 · Improper Check for Unusual or Exceptional Conditions

Google Project Zero

Discovered

Sept. 12, 2023

Patched

Sept. 21, 2023

Reported by

Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group

Root Cause Analysis

???

Exploits & PoC

WHW0x455/CVE-2023-41992

55 2025-10-22

1 repo — triés par ⭐ Rechercher sur GitHub ↗

https://support.apple.com/en-us/HT213932

https://support.apple.com/en-us/HT213927

https://support.apple.com/en-us/HT213931

Signal Intelligence

Confidenceⓘ

92%

EPSS 1.06%

CVSS v3.1 7.8

Mentions 17

Last Seen Mar 11, 2025

CNA Information

CNA Assigner

apple

Analyst Note

CVE-2023-41992 is confirmed as an actively exploited zero-day with evidence of real-world attacks against iOS before the patch. Apple's official acknowledgment of active exploitation, combined with high CVSS score (7.8), Google Project Zero attribution, and multiple credible security reports documenting sophisticated attack campaigns provide strong corroboration for the CONFIRMED status.

Threat Actors 6

APT 28

apt_group Information theft and espionage 🇷🇺 RU

Infy

apt_group Information theft and espionage 🇮🇷 IR

APT24

apt_group Information theft and espionage 🇨🇳 CN

UNC1549

apt_group Information theft and espionage 🇮🇷 IR

PassCV

apt_group Information theft and espionage 🇨🇳 CN

APT 5

apt_group Information theft and espionage 🇨🇳 CN

Triage Info

Decided atFeb 18, 2026

Published DateSep 21, 2023