CVE-2012-3738Apple Iphone OS vulnerability

CWE-2642 documents2 sources
Severity
3.6LOWNVD
EPSS
0.1%
top 79.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Iphone OS
Timeline
PublishedSep 20
Latest updateMay 17

Description

The Emergency Dialer screen in the Passcode Lock implementation in Apple iOS before 6 does not properly limit the dialing methods, which allows physically proximate attackers to bypass intended access restrictions and make FaceTime calls through Voice Dialing, or obtain sensitive contact information by attempting to make a FaceTime call and reading the contact suggestions.

CVSS vector

AV:L/AC:L/C:P/I:P/A:NExploitability: 3.9 | Impact: 4.9

Affected Packages1 packages

NVDapple/iphone_os5.1.1+39

🔴Vulnerability Details

1
GHSA
GHSA-9xgr-mmj7-5vxv: The Emergency Dialer screen in the Passcode Lock implementation in Apple iOS before 6 does not properly limit the dialing methods, which allows physic2022-05-17
CVE-2012-3738 — Apple Iphone OS vulnerability | cvebase