CVE-2024-23222
ENISA EUVD: EUVD-2024-20741
Exploited in the Wild
✓ Confirmed 0-Day
★ Google Project Zero
Triaged: March 3, 2026
8 articles
Published: 2024-01-23
EPSS Score
Source: FIRST.org · 2026-05-23
This CVE has a 0.91% probability of being exploited in the next 30 days.
Top 76.1th percentile of all CVEs
CVSS v3.1
Source: VulnerabilityLookup (CIRCL)
Score: 8.8 (HIGH)
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Description
Source: VulnerabilityLookup (CNA)
A type confusion issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 15.8.7 and iPadOS 15.8.7, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, tvOS 17.3, visionOS 1.0.2. Processing maliciously crafted web content may lead to arbitrary code execution. This fix associated with the Coruna exploit was shipped in iOS 17.3 on January 22, 2024. This update brings that fix to devices that cannot update to the latest iOS version.
Affected Products
Apple · Safari
Apple · iOS and iPadOS
Apple · macOS
Apple · tvOS
Apple · visionOS
Attack Intelligence
Google Project Zero
Patched: Jan. 22, 2024
Reported by: ???
Root Cause Analysis: ???
Exploits & PoC
FuzzySecurity/Cassowary-CVE-2024-23222-x86_64 · ⭐ 10 · 2026-03-13
Adaptation of Cassowary CVE-2024-23222 for Linux x86_64
Rohitberiwala/CVE-2024-23222-Coruna-Exploit-Kit-Deobfuscated · ⭐ 3 · 2026-03-10
Comprehensive deobfuscated research of the Coruna iOS exploit kit targeting CVE-2024-23222. Analysis of WebKit Type Confusion, PAC Bypass, and Sandbox
Meysamshiralii/coruna_analysis · ⭐ 1 · 2026-05-23
Analyze and deobfuscate the Coruna Exploit Kit (CVE-2024-23222) to enhance understanding and detection of related threats.
3 repos, sorted by ⭐
Signal Intelligence
Confidence: 92%
EPSS: 0.91%
CVSS v3.1: 8.8
Mentions: 8
Last Seen: Mar 18, 2026
CNA Information
CNA Assigner: apple
Analyst Note
This CVE merits confirmed status due to multiple corroborating indicators: Apple explicitly acknowledged active exploitation in the wild, it is tracked by Google Project Zero, and multiple credible sources (BleepingComputer, CERT-EU) independently reported its active exploitation. The high CVSS score (8.8) combined with demonstrated real-world attacks in 2024 provides strong evidence of confirmation.
Threat Actors (10)
MuddyWater · apt_group · Information theft and espionage · 🇮🇷 IR
Lazarus Group · apt_group · Information theft and espionage · 🇰🇵 KP
Cobalt · apt_group · Financial crime · 🇷🇺 RU
APT37 · apt_group · Information theft and espionage · 🇰🇵 KP
Kimsuky · apt_group · Information theft and espionage · 🇰🇷 KR
CHRYSENE · apt_group · Information theft and espionage · 🇮🇷 IR
UAC-0020 · apt_group · 🇺🇦 UA
SideWinder · apt_group · 🇮🇳 IN
RAZOR TIGER · apt_group · Information theft and espionage · 🇮🇳 IN
Larva-208 · apt_group · 🇷🇺 RU
Triage Info
Decided at: Mar 03, 2026
Published Date: Jan 23, 2024