CVE-2023-41992

HIGH KEV

iPadOS < 16.7 - Local Privilege Escalation

Title source: llm

Exploitation Summary

CVE-2023-41992 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added September 25, 2023. EIP tracks 1 public exploit from researchers including WHW0x455.

AI-analyzed exploit summary This repository contains a functional proof-of-concept exploit for CVE-2023-41992, a vulnerability in macOS's IPC subsystem. The exploit leverages a race condition in `ipc_right_destroy` to trigger a NULL pointer dereference, leading to a kernel panic or potential privilege escalation.

Description

The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, macOS Ventura 13.6. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

Exploits (1)

nomisec WORKING POC 57 stars

by WHW0x455 · poc

https://github.com/WHW0x455/CVE-2023-41992

View Code ZIP pw:eip

This repository contains a functional proof-of-concept exploit for CVE-2023-41992, a vulnerability in macOS's IPC subsystem. The exploit leverages a race condition in `ipc_right_destroy` to trigger a NULL pointer dereference, leading to a kernel panic or potential privilege escalation.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Racy

Target: macOS (XNU kernel)

No auth needed

Prerequisites: Access to a vulnerable macOS system · Ability to execute arbitrary code in a sandboxed environment

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (6)

Core 6

Core References

Vendor Advisory

https://support.apple.com/en-us/HT213927

Vendor Advisory

https://support.apple.com/en-us/HT213931

Vendor Advisory

https://support.apple.com/en-us/HT213932

Vendor Advisory

https://support.apple.com/kb/HT213927

Vendor Advisory

https://support.apple.com/kb/HT213932

US Government Resource

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-41992

Scores

CVSS v3 7.8

EPSS 0.0292

EPSS Percentile 85.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation active

Automatable no

Technical Impact total

Details

CISA KEV 2023-09-25

VulnCheck KEV 2023-09-12

InTheWild.io 2023-09-12

ENISA EUVD EUVD-2023-46451

CWE

CWE-754

Status published

Products (5)

apple/ipados 17.0

apple/ipados < 16.7

apple/iphone_os 17.0

apple/iphone_os < 16.7

apple/macos 12.0 - 12.7

Published Sep 21, 2023

KEV Added Sep 25, 2023

Tracked Since Feb 18, 2026