Описание
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Phone" component. It allows attackers to obtain sensitive information by leveraging a timing bug to read a secure-content screenshot that occurred during a locking action.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 10.3.3 (включая)
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00065
Низкий
2.4 Low
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 2.4
github
больше 3 лет назад
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Phone" component. It allows attackers to obtain sensitive information by leveraging a timing bug to read a secure-content screenshot that occurred during a locking action.
EPSS
Процентиль: 20%
0.00065
Низкий
2.4 Low
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-200