Published: 21/09/2023 Updated: 10/01/2024

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 0

A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple macos
apple iphone os 17.0
apple iphone os
apple ipados
apple ipados 17.0

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security releases page Apple security documents reference vulnerabilities by CVE-ID whe ...

Asynchronous python wrapper for CVE/CPE data

CVEHunter - Async python wrapper for CVE/CPE data CVEHunter is a Python asynchronous library designed to simplify the retrieval of CVE (Common Vulnerabilities and Exposures) and CPE (Common Platform Enumeration) information using the NVD API It streamlines the process of searching for and accessing valuable security data for vulnerability assessment and mana

C library for manipulating MachO/FAT files and their code signatures

ChOma ChOma is a simple library for parsing and manipulating MachO files and their CMS blobs Written for exploitation of CVE-2023-41991, a vulnerability in the CoreTrust kernel extension, and for use in TrollStore, and in Dopamine as a kernel patchfinder Usage To use the library, you can compile with make all This will produce the choma_cli executable that demonstrates the a

🔥🔥🔥微信公众号:Cydiapps🔥🔥🔥 => Cydia插件 Logos语言开发Tweak.xm Cydia Substrate 注入dylib iOS逆向工程开发越狱Jailbreak deb插件 - fishhook / Frida / iOSOpenDev / Cycript / MachOView / IDA / Hopper Disassembler / MonkeyDev / Class-dump / Theos / Reveal / Dumpdecryptd / FLEX / 汇编Assembly / CaptainHook / lldb/LLVM/XNU/Darwin/iOS Reverse

iOS应用逆向工程-Cydia越狱-Tweaks插件开发我的微信公众号-> Cydiapps XLsn0w's Cydia Repo: XLsn0wgithubio/tweak/ XLsn0w's Cydia Repo: XLsn0wgithubio/tweaks/ Cydiapp's Cydia Repo: XLsn0wgithubio/Cydiapp/ 🔥🔥🔥 我的博客: xlsn0wgithubio 🔥🔥🔥 Welcome to XLsn0w’s Blog Apple �

TrollStore 二代 iOS巨魔商店V2.0 安装指南: 巨魔2代安装教程巨魔辅助安装器 Misaka TrollSpeed 状态栏网速显示

iOS巨魔二代 TrollStore2 安装教程 Install Guide 公众号Cydiapps 持续更新巨魔IPA和使用教程巨魔二代更新支持 iOS1651 - 1661 （167）发布巨魔二代更新支持 iOS1651 - 1661 （167）发布安装指南: 巨魔2代安装教程多巴胺二代 iOS 150 - 1661 越狱指南 Dopamine 20 分享下载 Dopamine 20 多巴胺二代 iOS 1

🔥🔥🔥微信公众号:Cydiapps🔥🔥🔥 => Cydia插件 Logos语言开发Tweak.xm Cydia Substrate 注入dylib iOS逆向工程开发越狱Jailbreak deb插件 - fishhook / Frida / iOSOpenDev / Cycript / MachOView / IDA / Hopper Disassembler / MonkeyDev / Class-dump / Theos / Reveal / Dumpdecryptd / FLEX / 汇编Assembly / CaptainHook / lldb/LLVM/XNU/Darwin/iOS Reverse

iOS应用逆向工程-Cydia越狱-Tweaks插件开发我的微信公众号-> Cydiapps XLsn0w's Cydia Repo: XLsn0wgithubio/tweak/ XLsn0w's Cydia Repo: XLsn0wgithubio/tweaks/ Cydiapp's Cydia Repo: XLsn0wgithubio/Cydiapp/ 🔥🔥🔥 我的博客: xlsn0wgithubio 🔥🔥🔥 Welcome to XLsn0w’s Blog Apple �

ChOma ChOma is a simple library for parsing and manipulating MachO files and their CMS blobs Written for exploitation of CVE-2023-41991, a vulnerability in the CoreTrust kernel extension, and for use in TrollStore and XPF (which is used by Dopamine as its kernel patchfinder) Compilation Building for macOS make Building for iOS make TARGET=ios Additional Options DEBUG=1: Build

TrollStore 2 (TrollHelper) - The Jailed Permasigned app installer for iOS 14.0 - 16.6.1, It help you to install any IPA file on your iPhone for FREE.

Install TrollStore for iPhone/iPad in 7 Easy Steps TrollStore 2 (TrollHelper) - The Jailed Permasigned app installer for iOS 140 - 1661, It helps you to install any IPA file on your iPhone for FREE What is TrollStore TrollStore 2, also known as TrollHelper, is an iOS application that utilizes a CoreTrust bug discovered by Linus Henze to install iPA files on iOS devices perm

Apple fixes two new iOS zero-days exploited in attacks on iPhones

BleepingComputer • Lawrence Abrams • 05 Mar 2024

Apple fixes two new iOS zero-days exploited in attacks on iPhones By Lawrence Abrams March 5, 2024 04:34 PM 0 Apple released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones. "Apple is aware of a report that this issue may have been exploited," the company said in an advisory issued on Tuesday. The two bugs were found in the iOS Kernel (CVE-2024-23225) and RTKit (CVE-2024-23296), both allowing attackers with arbitrary kernel r...

CVE-2023-41991

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

Recent Articles

References

Vulmon Search

About

Products

Connect