CVE-2023-41064

HIGH KEV

iOS <16.6.1 - Ventura <13.5.2 - Buffer Overflow

Title source: llm

Description

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Exploits (4)

github WORKING POC 4 stars
by ctkqiang · gopoc
https://github.com/ctkqiang/CVE-Exploits/tree/main/CVE-2023-41064
nomisec WORKING POC 3 stars
by MrR0b0t19 · client-side
https://github.com/MrR0b0t19/CVE-2023-41064
nomisec STUB
by K4Der11000 · poc
https://github.com/K4Der11000/k4_cve-2023-41064
nomisec WORKING POC
by MrR0b0t19 · client-side
https://github.com/MrR0b0t19/vulnerabilidad-LibWebP-CVE-2023-41064

Scores

CVSS v3 7.8
EPSS 0.8589
EPSS Percentile 99.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2023-09-11
VulnCheck KEV 2023-09-07
InTheWild.io 2023-09-07
ENISA EUVD EUVD-2023-45585
CWE CWE-120
Status published
Products (3)
apple/ipados < 15.7.9
apple/iphone_os < 15.7.9
apple/macos 11.0 - 11.7.10
Published Sep 07, 2023
KEV Added Sep 11, 2023
Tracked Since Feb 18, 2026