CVE-2023-41990

HIGH 7.8

⚠️ CISA KEV

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

0th

The issue was addressed with improved handling of caches. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, macOS Monterey 12.6.8, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Ventura 13.2, watchOS 9.3. Processing a font file may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.

Vendor	apple
Product	ios and ipados
Ecosystems	iOS macOS
Industries	Technology
Published	Sep 11, 2023
Last Updated	Oct 21, 2025

⚠️ Actively Exploited — Act Now

Get instant alerts for apple ios and ipados

This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2023-41990.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Apple / iOS and iPadOS

unspecified < 16.3

Apple / tvOS

unspecified < 16.3

Apple / iOS and iPadOS

unspecified < 15.7

Apple / macOS

unspecified < 11.7

Apple / macOS

unspecified < 13.2

Apple / macOS

unspecified < 12.6

Apple / watchOS

unspecified < 9.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

support.apple.com: https://support.apple.com/en-us/HT213606 support.apple.com: https://support.apple.com/en-us/HT213601 support.apple.com: https://support.apple.com/en-us/HT213842 support.apple.com: https://support.apple.com/en-us/HT213845 support.apple.com: https://support.apple.com/en-us/HT213605 support.apple.com: https://support.apple.com/en-us/HT213844 support.apple.com: https://support.apple.com/en-us/HT213599 cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-41990