CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Oct 2, 2023

CVE-2023-41061

High

EPSS 1.0%CISA KEV

Apple/iOS, iPadOS, and watchOS

Description

Apple iOS, iPadOS, and watchOS contain an unspecified vulnerability due to a validation issue affecting Wallet in which a maliciously crafted attachment may result in code execution. This vulnerability was chained with CVE-2023-41064.

EPSS — Exploit Probability

1.0%

Higher than 76.6% of all CVEs

Required Action

https://support.apple.com/en-us/HT213905, https://support.apple.com/kb/HT213907; https://nvd.nist.gov/vuln/detail/CVE-2023-41061

Risk Assessment

ELEVATED

In CISA KEV

Details

Severity: High
EPSS: 1.0%
CISA KEV: Yes
Ransomware: Unknown
Articles: 0

Timeline

Published

Sep 11, 2023

Added to KEV

Sep 11, 2023

Remediation Due

Oct 2, 2023

Affected Product

Apple

iOS, iPadOS, and watchOS

View all Apple CVEs

External Links

NVD (NIST)CVE Details MITRE CVE