Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
PoC: webkit-cve-2024-23222
CVE-2024-23222 WebKit type confusion → iOS 16.4.1 sandbox escape. Full chain: JSC JIT confusion → addrof/read64/write64 → WASM indirect call → arbitrary C functions → file write outside sandbox.
PoC: coruna_analysis
Analyze and deobfuscate the Coruna Exploit Kit (CVE-2024-23222) to enhance understanding and detection of related threats.
PoC: Cassowary-CVE-2024-23222-x86_64
Adaptation of Cassowary CVE-2024-23222 for Linux x86_64
PoC: CVE-2024-23222-Coruna-Exploit-Kit-Deobfuscated
Comprehensive deobfuscated research of the Coruna iOS exploit kit targeting CVE-2024-23222. Analysis of WebKit Type Confusion, PAC Bypass, and Sandbox Escape
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free