← ExploitWatch
HomeExploited Vulnerabilities

CVE-2023-41991 — Actively Exploited: Multiple Products (Apple)

Apple iOS, iPadOS, macOS, and watchOS contain an improper certificate validation vulnerability that can allow a malicious app to bypass signature validation.

CVE IDCVE-2023-41991
VendorApple
ProductMultiple Products
Vulnerability nameApple Multiple Products Improper Certificate Validation Vulnerability
Date added2023-09-25
Remediation due2023-10-16
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionApple iOS, iPadOS, macOS, and watchOS contain an improper certificate validation vulnerability that can allow a malicious app to bypass signature validation.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →