CVE-2014-4354Apple Iphone OS vulnerability

CWE-2642 documents2 sources
Severity
5.8MEDIUMNVD
EPSS
0.3%
top 46.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Iphone OS
Timeline
PublishedSep 18
Latest updateMay 17

Description

Apple iOS before 8 enables Bluetooth during all upgrade actions, which makes it easier for remote attackers to bypass intended access restrictions via a Bluetooth session.

CVSS vector

AV:A/AC:L/C:P/I:P/A:PExploitability: 6.5 | Impact: 6.4

Affected Packages1 packages

NVDapple/iphone_os7.1.2+9

🔴Vulnerability Details

1
GHSA
GHSA-3562-grf3-m536: Apple iOS before 8 enables Bluetooth during all upgrade actions, which makes it easier for remote attackers to bypass intended access restrictions via2022-05-17
CVE-2014-4354 — Apple Iphone OS vulnerability | cvebase