Описание
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Pasteboard" component. It allows physically proximate attackers to read the pasteboard by leveraging the use of an encryption key derived only from the hardware UID (rather than that UID in addition to the user passcode).
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
EPSS
4.6 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Pasteboard" component. It allows physically proximate attackers to read the pasteboard by leveraging the use of an encryption key derived only from the hardware UID (rather than that UID in addition to the user passcode).
Уязвимость операционной системы iOS, позволяющая нарушителю читать данные из буфера обмена
EPSS
4.6 Medium
CVSS3
2.1 Low
CVSS2