Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-6982Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Iphone OS

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
5.5MEDIUMNVD
EPSS
1.2%
top 21.24%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Apple Iphone OSApple IOS
Timeline
PublishedMay 22
Latest updateMay 17

Description

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. The issue involves the "Notifications" component. It allows attackers to cause a denial of service via a crafted app.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDapple/iphone_os10.3.1
Appleapple/ios10.3.2

🔴Vulnerability Details

1
GHSA
GHSA-j3m2-x79q-hm9c: An issue was discovered in certain Apple products2022-05-17

💥Exploits & PoCs

1
Exploit-DB
Apple iOS < 10.3.2 - Notifications API Denial of Service2017-05-17

📋Vendor Advisories

1
Apple
CVE-2017-6982: iOS 10.3.22017-05-15