CVE-2016-1766Apple Iphone OS vulnerability

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 64.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple Iphone OSApple IOS
Timeline
PublishedMar 24
Latest updateMay 17

Description

The Profiles component in Apple iOS before 9.3 does not properly validate certificates, which allows attackers to spoof an MDM profile trust relationship via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDapple/iphone_os9.2.1
Appleapple/ios9.3

🔴Vulnerability Details

1
GHSA
GHSA-45r4-23r9-j8m3: The Profiles component in Apple iOS before 92022-05-17

📋Vendor Advisories

1
Apple
CVE-2016-1766: iOS 9.3