Threat Intelligence / CVE / CVE-2023-23514

CVE-2023-23514

CVSS 7.8 (HIGH) · EPSS 0.4% · Published 2023-02-27

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, macOS Big Sur 11.7.5. An app may be able to execute arbitrary code with kernel privileges.

CVSS v3 vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-416

Threats tracking this CVE

Coruna iOS Exploit Kit — 23 Exploits Across 5 Chains Targeting iOS 13-17.2.1 (CVE-2021-30952, CVE-2023-41974, CVE-2023-43000 + 20 More) — CRITICAL

References

https://support.apple.com/en-us/HT213633
https://support.apple.com/en-us/HT213635
https://support.apple.com/en-us/HT213670
https://support.apple.com/en-us/HT213675
https://support.apple.com/en-us/HT213677
https://support.apple.com/en-us/HT213633
https://support.apple.com/en-us/HT213635
https://support.apple.com/en-us/HT213670
https://support.apple.com/en-us/HT213675
https://support.apple.com/en-us/HT213677

Full detection coverage & IOCs for threats exploiting CVE-2023-23514 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence