CVE-2023-43010

CVSS v2.0

High

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Apple products (affected versions not specified) iOS versions prior to 17.2 iPadOS versions prior to 17.2 macOS Sonoma versions prior to 14.2 Safari versions prior to 17.2 iOS versions prior to 16.7.15 iPadOS versions prior to 16.7.15 iOS versions prior to 15.8.7 iPadOS versions prior to 15.8.7

Description An issue exists due to inadequate memory handling within the WebKit component. Processing specially crafted web content can lead to memory corruption. This flaw, identified as CVE-2023-43010, has been actively exploited in the wild through the Coruna exploit kit, targeting older iPhone models, including the iPhone 6s, 7, 8, and X. The Coruna exploit kit contains 23 identified exploits. The vulnerability allows for memory corruption via malicious web content.

Recommendations Update to iOS version 17.2 or later. Update to iPadOS version 17.2 or later. Update to macOS Sonoma version 14.2 or later. Update to Safari version 17.2 or later. Update to iOS version 16.7.15 or later. Update to iPadOS version 16.7.15 or later. Update to iOS version 15.8.7 or later. Update to iPadOS version 15.8.7 or later.

Fix

RCE

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-787

Related Identifiers

BDU:2026-04647

CVE-2023-43010

OPENSUSE-SU-2026:20518-1

RHSA-2024:8180

RHSA-2024:8492

RHSA-2024:8496

RHSA-2024:9144

RHSA-2024:9636

RHSA-2024:9646

RHSA-2024:9653

RHSA-2024:9679

RHSA-2024:9680

RHSA-2025:10364

SUSE-SU-2026:1139-1

SUSE-SU-2026:1150-1

SUSE-SU-2026:1364-1

SUSE-SU-2026:21180-1

Affected Products

Safari

Ios

Ipados

Iphone 6S

Iphone 7

Iphone 8

Iphone

Macos Sonoma

CVE-2023-43010

Weakness Enumeration

Related Identifiers

Affected Products

References · 107