Information disclosure in Apple iOS
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2017-17688 CVE-2017-17689 |
| CWE-ID | CWE-200 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Apple iOS Operating systems & Components / Operating system |
| Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU12646
Risk: Low
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2017-17688
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to improper access controls. A remote attacker with access to a target user's PGP encrypted email message can exploit a property of Cipher Feedback Mode (CFB) by modifying known plaintext blocks (such as MIME headers). When the target user decrypts and views the modified email message, the target user's mail client will parse the resulting modified HTML content and disclose the original plaintext to a remote URL.
This exploit is the "CFB gadget" attack method of the vulnerability referred to as "EFAIL".
Various email clients or email client plugins that use OpenPGP or implement the PGP standard are affected.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsApple iOS: 11.0.0 - 11.3.1
External linkshttp://efail.de/efail-attack-paper.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU12649
Risk: Low
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2017-17689
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to improper access controls. A remote attacker with access to a target user's S/MIME encrypted email message can exploit a property of Cipher Feedback Mode (CFB) by modifying known plaintext blocks (such as MIME headers). When the target user decrypts and views the modified email message, the target user's mail client will parse the resulting modified HTML content and disclose the original plaintext to a remote URL.
This exploit is the "CFB gadget" attack method of the vulnerability referred to as "EFAIL".
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.
Apple iOS: 11.0.0 - 11.3.1
External linkshttp://efail.de/efail-attack-paper.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
