US CISA adds three iOS vulnerabilities to known-exploited catalog
Change
US CISA added CVE-2021-30952, CVE-2023-41974, and CVE-2023-43000 to its catalog of known exploited vulnerabilities and directed federal agencies to apply vendor mitigations or discontinue use of affected products.
Why it matters
The added entries cover exploits that are part of a broader 23-exploit kit capable of targeting iPhones running iOS 13.0 through 17.2.1, expanding the universe of at-risk devices. That breadth increases forensic, inventory, and remediation workloads for organizations responsible for long-lived or legacy iOS devices.
Implications
- — Federal agency IT teams must identify devices running iOS 13.0 through 17.2.1 and apply vendor mitigations or remove those devices from agency networks.
- — Mobile device management administrators supporting federal networks must push available updates, enable protective configurations, or enforce device removal where mitigations are unavailable.
Unlock the decision layer.
Know what changes, what’s at risk, and what needs action next.
- Implications: What shifts in cost, supply, or compliance.
- Who is affected: Which teams, contracts, or flows are exposed.
- What to watch: Deadlines, triggers, and when action becomes necessary.
- Real-time alerts: Get notified when a change becomes actionable — not noise..
- Ask AI: Go deeper on any change in seconds.
No credit card · 14-day trial · Active in seconds
Unlock the decision layer
Source
Topics