Multiple vulnerabilities in Apple iOS

Published: 2017-11-01 12:37:55 | Updated: 2017-11-01 12:39:28
Severity High
Patch available YES
Number of vulnerabilities 20
CVSSv2 3.7 (AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
7.4 (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
1.6 (AV:L/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
1.6 (AV:L/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
3.2 (AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
1.6 (AV:L/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
6.9 (AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
6.9 (AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
6.9 (AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
6.9 (AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
6.9 (AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
6.9 (AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
6.9 (AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
6.9 (AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
6.9 (AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
6.9 (AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
6.9 (AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
6.9 (AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
6.9 (AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
7.1 (AV:A/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:U/RC:C)
CVSSv3 4.6 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
8.6 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
2.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
2.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
3.6 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
2.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
9 [CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:U/RC:C]
CVE ID CVE-2017-13849
CVE-2017-13799
CVE-2017-13844
CVE-2017-13805
CVE-2017-13804
CVE-2017-7113
CVE-2017-13783
CVE-2017-13784
CVE-2017-13785
CVE-2017-13788
CVE-2017-13791
CVE-2017-13792
CVE-2017-13793
CVE-2017-13794
CVE-2017-13795
CVE-2017-13796
CVE-2017-13798
CVE-2017-13802
CVE-2017-13803
CVE-2017-13080
CWE ID CWE-119
CWE-284
CWE-264
CWE-20
CWE-320
Exploitation vector Network
Public exploit Public exploit code for vulnerability #20 is available.
Vulnerable software Apple iOS
Vulnerable software versions Apple iOS 10.3.3
Apple iOS 10.3.2
Apple iOS 10.3.1
Show more
Vendor URL Apple Inc.
Advisory type Public

Security Advisory

1) Memory corruption

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to memory handling error in the CoreText component. A remote attacker can supply a specially crafted text file, trigger memory corruption and cause an unexpected application termination.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

2) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to memory handling error in the kernel component. A remote attacker can trigger memory corruption and execute arbitrary code with kernel privileges.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

3) Improper access control

Description

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to a flaw in the Messages application. A local attacker can supply Reply With Message and access photos from the lock screen.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

4) Improper access control

Description

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to a flaw in the Siri component. A local attacker can use Siri to read notifications of content that is set not to be displayed at the lock screen.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

5) Improper input validation

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to improper input validation. A remote attacker can trick the victim into opening a specially crafted zip file, trigger a path handling flaw in the StreamingZip component and modify restricted areas of the file system.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

6) Improper access control

Description

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to a flaw in the UIKit component. A local attacker can view characters in a secure text field during focus change events.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

7) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to memory handling error in the WebKit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

8) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to memory handling error in the WebKit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

9) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to memory handling error in the WebKit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

10) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to memory handling error in the WebKit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

11) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to memory handling error in the WebKit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

12) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to memory handling error in the WebKit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

13) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to memory handling error in the WebKit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

14) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to memory handling error in the WebKit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

15) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to memory handling error in the WebKit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

16) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to memory handling error in the WebKit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

17) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to memory handling error in the WebKit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

18) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to memory handling error in the WebKit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

19) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to memory handling error in the WebKit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

20) Key management errors

Description

The vulnerability allows an adjacent attacker to force a supplicant to reinstall a previously used group key.

The weakness exists in the processing of the 802.11i 4-way handshake messages of the WPA and WPA2 protocols due to ambiguities in the processing of associated protocol messages. An adjacent attacker can use man-in-the-middle techniques to retransmit previously used message exchanges between supplicant and authenticator.

The vulnerability is dubbed "KRACK" attack.

Remediation

Update to version 11.1.

External links

https://support.apple.com/en-us/HT208222

Back to List