CVE-2023-41990: Apple Multiple Products Code Execution Vulnerability. Apple

Apple Multiple Products Code Execution Vulnerability. Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability that allows for code execution when processing a font file.

• CISA KEV-listed (remediation due 2024-01-29)
• EPSS 2.7% (86.2% percentile)

Related briefings

• Operation Triangulation: Four Zero-Days Including Undocumented GPU CoreSight MMIO Hardware Feature Used to Bypass Apple PPL in Most Sophisticated iOS Attack Chain Ever Analyzed 2026-02-16

Browse the CVE database

Read the full analysis on IntelFusions