CVE-2014-4493Apple Iphone OS vulnerability

CWE-2643 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.2%
top 56.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple Iphone OSApple IOS
Timeline
PublishedJan 30
Latest updateMay 17

Description

The app-installation functionality in MobileInstallation in Apple iOS before 8.1.3 allows attackers to obtain control of the local app container by leveraging access to an enterprise distribution certificate for signing a crafted app.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDapple/iphone_os8.1.2
Appleapple/ios8.1.3

🔴Vulnerability Details

1
GHSA
GHSA-v4g6-4mgp-776j: The app-installation functionality in MobileInstallation in Apple iOS before 82022-05-17

📋Vendor Advisories

1
Apple
CVE-2014-4493: iOS 8.1.3
CVE-2014-4493 — Apple Iphone OS vulnerability | cvebase