CVE-2023-23531

HIGH

iPadOS < 16.3 - Out-of-bounds Write

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-23531. PoCs published by DarthOCE.

AI-analyzed exploit summary The repository claims to be a fully functional untethered iOS 16-16.4 jailbreak using CVE-2023-23531 but contains no actual exploit code, technical details, or proof of functionality. The README is a single line with no substantive information, which is characteristic of a social engineering lure.

Description

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.

Exploits (1)

nomisec SUSPICIOUS 5 stars
by DarthOCE · poc
https://github.com/DarthOCE/MonkeyJB

The repository claims to be a fully functional untethered iOS 16-16.4 jailbreak using CVE-2023-23531 but contains no actual exploit code, technical details, or proof of functionality. The README is a single line with no substantive information, which is characteristic of a social engineering lure.

Classification
Suspicious 90%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: iOS 16-16.4
No auth needed
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 8.6
EPSS 0.0175
EPSS Percentile 75.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-787
Status published
Products (3)
apple/ipados < 16.3
apple/iphone_os < 16.3
apple/macos < 13.2
Published Feb 27, 2023
Tracked Since Feb 18, 2026