CVE-2016-1751Apple Iphone OS vulnerability

CWE-2645 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.2%
top 53.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Apple Iphone OSApple TvosApple Watchos+1 more
Timeline
PublishedMar 24
Latest updateMay 14

Description

The kernel in Apple iOS before 9.3, tvOS before 9.2, and watchOS before 2.2 does not properly restrict the execute permission, which allows attackers to bypass a code-signing protection mechanism via a crafted app.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages6 packages

NVDapple/tvos< 9.2
NVDapple/watchos< 2.2
Appleapple/tvos9.2
Appleapple/watchos2.2
NVDapple/iphone_os< 9.3

🔴Vulnerability Details

1
GHSA
GHSA-m7jw-rm45-54f8: The kernel in Apple iOS before 92022-05-14

📋Vendor Advisories

3
Apple
CVE-2016-1751: watchOS 2.2
Apple
CVE-2016-1751: tvOS 9.2
Apple
CVE-2016-1751: iOS 9.3
CVE-2016-1751 — Apple Iphone OS vulnerability | cvebase