CVE-2023-41991Apple Multiple Products Improper Certificate Validation Vulnerability

PUBLISHEDvulnerability record
2023-09-25 · last modified June 21, 2025

Metadata

CVE ID:
CVE-2023-41991
Project:
Apple
Product:
Multiple Products
Date Added:
2023-09-25
Due Date:
2023-10-16
Last Updated:
June 21, 2025

Vulnerability Name

Apple Multiple Products Improper Certificate Validation Vulnerability

Description

Apple iOS, iPadOS, macOS, and watchOS contain an improper certificate validation vulnerability that can allow a malicious app to bypass signature validation.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

Related News Articles

Related Weaknesses