CVE-2016-4626NULL Pointer Dereference in Apple Iphone OS

CWE-476NULL Pointer Dereference6 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 78.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Apple Iphone OSApple MAC OS XApple Tvos+3 more
Timeline
PublishedJul 22
Latest updateMay 14

Description

IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages8 packages

NVDapple/tvos< 9.2.2
NVDapple/watchos< 2.2.2
Appleapple/tvos9.2.2
Appleapple/watchos2.2.2
NVDapple/mac_os_x< 10.11.6

🔴Vulnerability Details

1
GHSA
GHSA-wx6q-h4q7-3xrp: IOHIDFamily in Apple iOS before 92022-05-14

📋Vendor Advisories

4
Apple
CVE-2016-4626: OS X El Capitan v10.11.6 and Security Update 2016-0042016-07-18
Apple
CVE-2016-4626: tvOS 9.2.22016-07-18
Apple
CVE-2016-4626: watchOS 2.2.22016-07-18
Apple
CVE-2016-4626: iOS 9.3.32016-07-18