CVE-2023-40404

HIGH

macOS - Use-After-Free

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-40404. PoCs published by geniuszly.

AI-analyzed exploit summary This repository contains a functional Proof-of-Concept (PoC) exploit for CVE-2023-40404, targeting macOS's IOKit network stack. The exploit interacts with IOUserEthernetResource to create and manipulate Ethernet controllers, potentially triggering a kernel panic.

Description

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sonoma 14.1. An app may be able to execute arbitrary code with kernel privileges.

Exploits (1)

nomisec WORKING POC 6 stars

by geniuszly · poc

https://github.com/geniuszly/GenEtherExploit

View Code ZIP pw:eip

This repository contains a functional Proof-of-Concept (PoC) exploit for CVE-2023-40404, targeting macOS's IOKit network stack. The exploit interacts with IOUserEthernetResource to create and manipulate Ethernet controllers, potentially triggering a kernel panic.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: macOS (specific version not specified)

Auth required

Prerequisites: macOS system vulnerable to CVE-2023-40404 · Xcode or clang for compilation · root access

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3

Core References

Mailing List, Third Party Advisory

http://seclists.org/fulldisclosure/2023/Oct/24

Release Notes, Vendor Advisory

https://support.apple.com/en-us/HT213984

Release Notes, Vendor Advisory

https://support.apple.com/kb/HT213984

Scores

CVSS v3 7.8

EPSS 0.0114

EPSS Percentile 62.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-416

Status published

Products (1)

apple/macos 14.0

Published Oct 25, 2023

Tracked Since Feb 18, 2026