CVE-2016-1863
Published 2016-07-22
Priority P342 · high · 7.8 CVSS 3.0
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 1.04% (59.9th percentile)
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | iphone_os | < 9.3.3 | 9.3.3 |
| apple | mac_os_x | < 10.11.6 | 10.11.6 |
| apple | os_x_el_capitan_v10.11.6_and_security_update_2016-004 | — | — |
| apple | tvos | < 9.2.2 | 9.2.2 |
| apple | tvos | — | — |
| apple | watchos | < 2.2.2 | 2.2.2 |
| apple | watchos | — | — |
CVSS provenance
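| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 7.8 | HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |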
Apple
CVE-2016-1863: tvOS 9.2.2
vendor_apple·2016-07-18·CVSS 7.8
CVE-2016-1863 [HIGH] CVE-2016-1863: tvOS 9.2.2
Apple Security Update: About the security content of tvOS 9.2.2
Product: tvOS
Version: 9.2.2
CVE: CVE-2016-1863
Component: Kernel
Impact: A local user may be able to execute arbitrary code with kernel privileges
Description: Multiple memory corruption issues were addressed through improved memory handling.
Apple
CVE-2016-1863: iOS 9.3.3
vendor_apple·2016-07-18·CVSS 7.8
CVE-2016-1863 [HIGH] CVE-2016-1863: iOS 9.3.3
Apple Security Update: About the security content of iOS 9.3.3
Product: iOS
Version: 9.3.3
CVE: CVE-2016-1863
Component: Kernel
Impact: A local user may be able to execute arbitrary code with kernel privileges
Description: Multiple memory corruption issues were addressed through improved memory handling.
Apple
CVE-2016-1863: OS X El Capitan v10.11.6 and Security Update 2016-004
vendor_apple·2016-07-18·CVSS 7.8
CVE-2016-1863 [HIGH] CVE-2016-1863: OS X El Capitan v10.11.6 and Security Update 2016-004
Apple Security Update: About the security content of OS X El Capitan v10.11.6 and Security Update 2016-004
Product: OS X El Capitan v10.11.6 and Security Update 2016-004
CVE: CVE-2016-1863
Component: Kernel
Impact: A local user may be able to execute arbitrary code with kernel privileges
Description: Multiple memory corruption issues were addressed through improved memory handling.
Apple
CVE-2016-1863: watchOS 2.2.2
vendor_apple·2016-07-18·CVSS 7.8
CVE-2016-1863 [HIGH] CVE-2016-1863: watchOS 2.2.2
Apple Security Update: About the security content of watchOS 2.2.2
Product: watchOS
Version: 2.2.2
CVE: CVE-2016-1863
Component: Kernel
Impact: A local user may be able to execute arbitrary code with kernel privileges
Description: Multiple memory corruption issues were addressed through improved memory handling.
GHSA
GHSA-x9qx-846h-75g8: The kernel in Apple iOS before 9
ghsa_unreviewed·2022-05-14·CVSS 7.8
CVE-2016-1863 [HIGH] CWE-416 GHSA-x9qx-846h-75g8: The kernel in Apple iOS before 9
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653.
GHSA
GHSA-4rhr-2jf8-rw24: The kernel in Apple iOS before 9
ghsa_unreviewed·2022-05-14·CVSS 7.8
CVE-2016-4653 [HIGH] CWE-119 GHSA-4rhr-2jf8-rw24: The kernel in Apple iOS before 9
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4582.
GHSA
GHSA-4p48-hf74-qcqq: The kernel in Apple iOS before 9
ghsa_unreviewed·2022-05-14·CVSS 7.8
CVE-2016-4582 [HIGH] CWE-119 GHSA-4p48-hf74-qcqq: The kernel in Apple iOS before 9
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4653.
No detection rules found.
No writeups or analysis indexed.
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
http://www.securityfocus.com/bid/91828
http://www.securitytracker.com/id/1036344
https://support.apple.com/HT206902
https://support.apple.com/HT206903
https://support.apple.com/HT206904
https://support.apple.com/HT206905
https://www.exploit-db.com/exploits/40652/
Published: 2016-07-22