CVE-2015-7051 — Apple Iphone OS vulnerability

CWE-2644 documents3 sources

Severity

9.3CRITICALNVD

EPSS

0.8%

top 26.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Iphone OS Apple Tvos Apple IOS

Timeline

PublishedDec 11

Latest updateMay 14

Description

MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 mishandles the timing of trust-cache loading, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages4 packages

▶NVDapple/tvos9.0

▶Appleapple/tvos9.1

▶NVDapple/iphone_os9.1

▶Appleapple/ios9.2

🔴Vulnerability Details

GHSA

GHSA-5wv4-g62m-fp24: MobileStorageMounter in Apple iOS before 9↗2022-05-14

▶

📋Vendor Advisories

Apple

CVE-2015-7051: tvOS 9.1↗

▶

Apple

CVE-2015-7051: iOS 9.2↗

▶