# CVE-2023-41061

> A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

- **CVSS:** 7.8 (HIGH)
- **EPSS:** 1.0%
- **CISA KEV:** yes
- **CWE:** NVD-CWE-noinfo, CWE-20

Canonical: https://intel.threadlinqs.com/cve/CVE-2023-41061
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp