CVE-2023-41974: Apple iOS and iPadOS Use-After-Free Vulnerability

CVE ID

CVE-2023-41974

Vulnerability Name

Apple iOS and iPadOS Use-After-Free Vulnerability

• Project: Apple
• Product: iOS and iPadOS

Date

• Date Added: 2026-03-05
• Due Date: 2026-03-26

Description

Apple iOS and iPadOS contain a use-after-free vulnerability. An app may be able to execute arbitrary code with kernel privileges.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://support.apple.com/en-us/HT213938 ; https://support.apple.com/kb/HT213938 ; https://nvd.nist.gov/vuln/detail/CVE-2023-41974

Related Security News

• Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS
• Apple patches older iPhones and iPads against Coruna exploits
• Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit

More CVEs Info

Common Vulnerabilities & Exposures (CVE) List