7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
5.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The processor_set_tasks API implementation in Apple iOS before 9 allows local users to bypass an entitlement protection mechanism and obtain access to the task ports of arbitrary processes by leveraging root privileges.
CPE | Name | Operator | Version |
---|---|---|---|
apple:watchos | apple watchos | eq | 1.0 |
lists.apple.com/archives/security-announce/2015/Sep/msg00001.html
lists.apple.com/archives/security-announce/2015/Sep/msg00005.html
lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
www.securityfocus.com/bid/76764
www.securitytracker.com/id/1033609
support.apple.com/HT205212
support.apple.com/HT205213
support.apple.com/HT205267