Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2014-1287Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Iphone OS

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
7.2HIGHNVD
EPSS
1.1%
top 22.02%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Apple Iphone OSApple Tvos
Timeline
PublishedMar 14
Latest updateMay 14

Description

USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

NVDapple/tvos6.0.2+2
NVDapple/iphone_os7.0.6+6

🔴Vulnerability Details

1
GHSA
GHSA-rhrc-5w4h-m6vj: USB Host in Apple iOS before 72022-05-14

💥Exploits & PoCs

1
Exploit-DB
iOS 7 - Kernel Mode Memory Corruption2014-03-17