CVE-2016-1788Apple Iphone OS vulnerability

CWE-3105 documents3 sources
Severity
5.9MEDIUMNVD
EPSS
0.6%
top 30.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Apple Iphone OSApple MAC OS XApple Watchos+2 more
Timeline
PublishedMar 24
Latest updateMay 17

Description

Messages in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 does not properly implement a cryptographic protection mechanism, which allows remote attackers to read message attachments via vectors related to duplicate messages.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages6 packages

NVDapple/watchos2.1
Appleapple/watchos2.2
NVDapple/mac_os_x10.11.3
NVDapple/iphone_os9.2.1
Appleapple/ios9.3

🔴Vulnerability Details

1
GHSA
GHSA-33c7-37w4-x2xm: Messages in Apple iOS before 92022-05-17

📋Vendor Advisories

3
Apple
CVE-2016-1788: iOS 9.3
Apple
CVE-2016-1788: watchOS 2.2
Apple
CVE-2016-1788: OS X El Capitan v10.11.4 and Security Update 2016-002