Cyber Resilience

CVE-2023-41974

High · CISA KEV · Active Exploitation · EUVD Exploited · Public PoC

Published: 10 January 2024

Modified: 12 March 2026
KEV Added: 05 March 2026
Patch
CVSS Score v3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0022 (44.4th percentile)
Risk Priority: 36 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-41974 is a high-severity use-after-free (CWE-416) vulnerability in Apple iPadOS. Its CVSS base score is 7.8 (High).

Operationally, it ranks at the 44.4th percentile by exploit likelihood (below the median), CISA has added it to the Known Exploited Vulnerabilities catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

A use-after-free vulnerability, tracked as CVE-2023-41974 and assigned CWE-416, affects Apple's iOS and iPadOS platforms. The flaw stems from insufficient memory management and can be triggered by a malicious application to achieve arbitrary code execution with kernel-level privileges. It is resolved in iOS 17 and iPadOS 17 as well as iOS 15.8.7 and iPadOS 15.8.7.

An attacker who can persuade a user to run a crafted application on an affected device may exploit the issue without additional privileges beyond local access and user interaction. Successful exploitation grants the ability to run arbitrary code inside the kernel, potentially leading to full device compromise including escalation of privileges and bypass of sandbox restrictions.

Apple security advisories direct users to install the listed updates, which contain the improved memory-management fixes that address the use-after-free condition. The references also include analysis of iOS exploit tooling, indicating that similar memory-corruption primitives have appeared in observed attack chains. The current EPSS score remains low at 0.0022 with no reported material increase.

Vulnerability details

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, iOS 15.8.7 and iPadOS 15.8.7. An app may be able to execute arbitrary code with kernel privileges.

CWE(s)
KEV Date Added: 05 March 2026

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

apple ipados: ≤ 15.8.7 · 16.0 — 17.0
apple iphone os: ≤ 15.8.7 · 16.0 — 17.0

Mitigating Controls (NIST 800-53 r5)

Prevent: Directly requires memory protection mechanisms that mitigate use-after-free flaws enabling kernel code execution.

Prevent: Mandates timely application of patches that correct the memory-management defect in affected iOS releases.

Prevent: Enforces process isolation boundaries that limit the impact of a user-space app reaching kernel privileges.
