CVE-2023-42974

CVE Database · CVE-2023-42974

CVE-2023-42974

· HIGHModified

CVSS v3.1

7.0

EPSS

0.15%

Published

Mar 28, 2024

Modified

Nov 4, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Sonoma 14.2. An app may be able to execute arbitrary code with kernel privileges.

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-362CWE-362

Affected Products (7)

apple · ipad_os (up to 16.7.3)vulnerable

apple · ipados (up to 17.2)vulnerable

apple · iphone_os (up to 16.7.3)vulnerable

apple · iphone_os (up to 17.2)vulnerable

apple · macos (up to 12.7.2)vulnerable

apple · macos (up to 13.6.3)vulnerable

apple · macos (up to 14.2)vulnerable