Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-7115Race Condition in Apple Iphone OS

CWE-362Race Condition5 documents4 sources
Severity
8.1HIGHNVD
EPSS
8.0%
top 7.90%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Apple Iphone OSApple TvosApple IOS
Timeline
PublishedOct 23
Latest updateMay 14

Description

An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via crafted Wi-Fi traffic that leverages a race condition.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages4 packages

NVDapple/tvos10.2.2
Appleapple/tvos11
NVDapple/iphone_os10.3.3
Appleapple/ios11

🔴Vulnerability Details

1
GHSA
GHSA-2626-fg73-6xgq: An issue was discovered in certain Apple products2022-05-14

💥Exploits & PoCs

1
Exploit-DB
Apple iOS 10.2 (14C92) - Remote Code Execution2017-10-17

📋Vendor Advisories

2
Apple
CVE-2017-7115: tvOS 112017-09-19
Apple
CVE-2017-7115: iOS 112017-09-19
CVE-2017-7115 — Race Condition in Apple Iphone OS | cvebase