CVE-2015-1062Apple Iphone OS vulnerability

CWE-194 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.3%
top 43.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Apple Iphone OSApple TvosApple TV+1 more
Timeline
PublishedMar 12
Latest updateMay 14

Description

MobileStorageMounter in Apple iOS before 8.2 and Apple TV before 7.1 does not delete invalid disk-image folders, which allows attackers to create folders in arbitrary filesystem locations via a crafted app.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages4 packages

NVDapple/tvos7.0.3
NVDapple/iphone_os8.1.3
Appleapple/ios8.2
Appleapple/apple_tv7.1

🔴Vulnerability Details

1
GHSA
GHSA-cpvf-4x77-j58p: MobileStorageMounter in Apple iOS before 82022-05-14

📋Vendor Advisories

2
Apple
CVE-2015-1062: iOS 8.2
Apple
CVE-2015-1062: Apple TV 7.1