[![GitHub Pages](](
# CVE-2023-41993 Exploit PoC

This repository contains a Proof of Concept (PoC) exploit for the CVE-2023-41993 vulnerability.

This PoC demonstrates limited read/write primitives based on the PoC released by [po6ix](

Demo of this PoC can be found [here](

Please make an issue if you have any questions, suggestions, or concerns. :) <3

## Tested Devices

* iPhone 14 Pro Max (iOS 17.0 Beta 2)

## Usage

# Clone this repository
git clone
# Go into the repository directory
cd CVE-2023-41993
# Install dependencies
pip3 install -r requirements.txt
# Start the server
# Open Safari and navigate to
# http://<your-ip>:8080

## Vulnerability Details

CVE-2023-41993 is a critical vulnerability rooted in the WebKit browser engine, affecting various Apple products. It allows for arbitrary code execution upon processing malicious web content. More details can be found in the [advisory]( and [WebKit's commit]( addressing the issue.

## Exploit Overview

This PoC demonstrates arbitrary read/write primitives, advancing the exploitation of CVE-2023-41993. The core part of this exploit revolves around manipulating JavaScriptCore's behavior to achieve a controlled memory corruption, which can then be escalated to arbitrary read and write primitives.

## Acknowledgements

* [po6ix]( for the original PoC
* [Apple]( for vulnerability details
* [WebKit]( for addressing the vulnerability

## Disclaimer

This PoC is intended for educational purposes only. This PoC is not intended to be used for malicious purposes. I am in no way responsible for any misuse of this PoC.

## License

This PoC is licensed under the MIT License.