CVE-2023-41992 - Apple Multiple Products Kernel Privilege Escalation Vulnerability

Project:Apple

Product:Multiple Products

Date Added:2023-09-25Due Date:2023-10-16Last Updated:June 21, 2025

Vulnerability Name

Apple Multiple Products Kernel Privilege Escalation Vulnerability

Description

Apple iOS, iPadOS, macOS, and watchOS contain an unspecified vulnerability that allows for local privilege escalation.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://support.apple.com/en-us/HT213926, https://support.apple.com/en-us/HT213927, https://support.apple.com/en-us/HT213928, https://support.apple.com/en-us/HT213929, https://support.apple.com/en-us/HT213931, https://support.apple.com/en-us/HT213932

https://nvd.nist.gov/vuln/detail/CVE-2023-41992

Related News Articles

Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacksMarch 11, 2025

Apple fixes zero-day exploited in 'extremely sophisticated' attacksFebruary 10, 2025

Apple fixes this year’s first actively exploited zero-day bugJanuary 27, 2025

Apple fixes two zero-days used in attacks on Intel-based MacsNovember 19, 2024

Related Weaknesses