CVE-2023-41061

HIGH 7.8

⚠️ CISA KEV

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

0th

A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Vendor	apple
Product	ios and ipados
Ecosystems	iOS macOS
Industries	Technology
Published	Sep 7, 2023
Last Updated	Oct 21, 2025

⚠️ Actively Exploited — Act Now

Get instant alerts for apple ios and ipados

This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2023-41061.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Apple / iOS and iPadOS

unspecified < 16.6

Apple / watchOS

unspecified < 9.6

References

NVD ↗ CVE.org ↗ EPSS Data ↗

support.apple.com: https://support.apple.com/en-us/HT213905 support.apple.com: https://support.apple.com/en-us/HT213907 support.apple.com: https://support.apple.com/kb/HT213907 support.apple.com: https://support.apple.com/kb/HT213905 seclists.org: http://seclists.org/fulldisclosure/2023/Sep/5 seclists.org: http://seclists.org/fulldisclosure/2023/Sep/4 cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-41061