Main Vulnerability Database Vulnerabilities #VU9568

#VU9568 Memory corruption in Apple iOS - CVE-2017-13879

Published: December 7, 2017

Vulnerability identifier: #VU9568

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2017-13879

CWE-ID: CWE-119

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Apple iOS

Software vendor:
Apple Inc.

Description

The vulnerability allows a local attacker to execute arbitrary code o the target system.

The weakness exists due to boundary error in IOMobileFrameBuffer. A local attacker can use a specially crafted application, trigger memory corruption and execute arbitrary code with kernel privileges.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Update to version 11.2.

External links

https://support.apple.com/en-us/HT208334

#VU9568 Memory corruption in Apple iOS - CVE-2017-13879

Description

Remediation

External links

Please verify you're human