Описание
A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.
Ссылки
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 14.7 (исключая)Версия до 14.7 (исключая)Версия до 7.6 (исключая)
Одно из
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
EPSS
Процентиль: 10%
0.00036
Низкий
5.5 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.
CVSS3: 5.5
fstec
больше 4 лет назад
Уязвимость ядра операционных систем tvOS, iOS, iPadOS и watchOS, позволяющая нарушителю повысить свои привилегии
EPSS
Процентиль: 10%
0.00036
Низкий
5.5 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
CWE-287