CVE-2023-41061 - Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability
Project:Apple
Product:iOS, iPadOS, and watchOS
Date Added:2023-09-11Due Date:2023-10-02
Vulnerability Name
Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability
Description
Apple iOS, iPadOS, and watchOS contain an unspecified vulnerability due to a validation issue affecting Wallet in which a maliciously crafted attachment may result in code execution. This vulnerability was chained with CVE-2023-41064.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://support.apple.com/en-us/HT213905, https://support.apple.com/kb/HT213907
https://nvd.nist.gov/vuln/detail/CVE-2023-41061
Related News Articles
Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacksMarch 12, 2025
Apple fixes zero-day exploited in 'extremely sophisticated' attacksFebruary 11, 2025
Apple fixes this year’s first actively exploited zero-day bugJanuary 28, 2025
Apple fixes two zero-days used in attacks on Intel-based MacsNovember 20, 2024