exploitDog

GHSA-hvw5-4g4q-2h8p

Опубликовано: 10 фев. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

Ссылки

EPSS

Процентиль: 97%

0.40713

Средний

7.5 High

CVSS3

CVE ID

Дефекты

CWE-863

Связанные уязвимости

CVE-2025-24200

CVSS3: 6.1

nvd

12 месяцев назад

An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

BDU:2025-01367

CVSS3: 7.1

fstec

12 месяцев назад

Уязвимость функции USB Restricted Mode операционных систем iOS, iPadOS, позволяющая нарушителю получить несанкционированный доступ к устройству

EPSS

Процентиль: 97%

0.40713

Средний

7.5 High

CVSS3

CVE ID

Дефекты

CWE-863