CVE-2023-28206

HIGH KEV

iPadOS < 15.7.5 - Out-of-bounds Write

Title source: llm

Exploitation Summary

CVE-2023-28206 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added April 10, 2023. EIP tracks 1 public exploit from researchers including acceleratortroll.

AI-analyzed exploit summary This repository contains functional exploit code for CVE-2023-28206, targeting macOS GPU drivers (IOGPU, ANEDirectIn) to achieve kernel-level privilege escalation. The code includes IOKit interactions and memory manipulation techniques, though the full exploit chain is still under development.

Description

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1, iOS 15.7.5 and iPadOS 15.7.5, macOS Big Sur 11.7.6. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Exploits (1)

nomisec WORKING POC 8 stars

by acceleratortroll · local

https://github.com/acceleratortroll/acceleratortroll

View Code ZIP pw:eip

This repository contains functional exploit code for CVE-2023-28206, targeting macOS GPU drivers (IOGPU, ANEDirectIn) to achieve kernel-level privilege escalation. The code includes IOKit interactions and memory manipulation techniques, though the full exploit chain is still under development.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Complex

Reliability

Theoretical

Target: macOS (IOGPU, ANEDirectIn drivers)

No auth needed

Prerequisites: macOS system with vulnerable GPU drivers · Local access to execute the exploit

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →