Lucene search

AppleCVE-2010-4012

HistoryDec 08, 2010 - 8:00 p.m.

CVE-2010-4012

2010-12-0820:00:01

CWE-362

apple

web.nvd.nist.gov

cve-2010-4012

apple ios

iphone

passcode lock

security vulnerability

bypass

race condition

nvd

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

5.9

Confidence

Low

EPSS

Percentile

12.6%

JSON

Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later allows physically proximate attackers to bypass the passcode lock by making a call from the Emergency Call screen, then quickly pressing the Sleep/Wake button.

Affected configurations

Nvd

Node

appleiphone_osMatch4.0

appleiphone_osMatch4.1

VendorProductVersionCPE
appleiphone_os4.0cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*
appleiphone_os4.1cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	iphone_os	4.0	cpe:2.3:o:apple:iphone_os:4.0:::::::*
apple	iphone_os	4.1	cpe:2.3:o:apple:iphone_os:4.1:::::::*

References

support.apple.com/kb/HT4456

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

5.9

Confidence

Low

EPSS

Percentile

12.6%

JSON

Related for CVE-2010-4012