CVE-2013-5133 — Apple Iphone OS vulnerability

CWE-2642 documents2 sources

Severity

8.8HIGHNVD

EPSS

0.6%

top 31.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Iphone OS

Timeline

PublishedMar 14

Latest updateMay 17

Description

Backup in Apple iOS before 7.1 does not properly restrict symlinks, which allows remote attackers to overwrite files during a restore operation via crafted backup data.

CVSS vector

AV:N/AC:M/C:N/I:C/A:CExploitability: 8.6 | Impact: 9.2

Affected Packages1 packages

▶NVDapple/iphone_os7.0.6+6

🔴Vulnerability Details

GHSA

GHSA-6hmq-v65x-pjjh: Backup in Apple iOS before 7↗2022-05-17

▶