Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdi7cd6cbc56470722cd7dea01561796431ZDI-16-679
HistoryMar 31, 2017 - 12:00 a.m.

Apple iOS legacy-diagnostics Privilege Escalation Vulnerability

2017-03-3100:00:00
7cd6cbc56470722cd7dea01561796431
www.zerodayinitiative.com
16

EPSS

0.023

Percentile

89.8%

JSON

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Apple iOS. User interaction is required to exploit this vulnerability in that the target must connect to a WiFi access point. The specific flaw exists within the usage of the legacy-diagnostics protocol handler. The issue lies in the launching of a diagnostic application that is able to render webpages outside of the sandbox. An attacker can leverage this vulnerability to escalate privileges outside the context of the sandbox.

Related

cve 1
cvelist 1
nvd 1
prion 1
apple 2
cve
cve
CVE-2016-7630
2017-02-20 08:59:03
cvelist
cvelist
CVE-2016-7630
2017-02-20 08:35:00
nvd
nvd
CVE-2016-7630
2017-02-20 08:59:03
prion
prion
Design/Logic Flaw
2017-02-20 08:59:00
apple
apple
About the security content of iOS 10.2 - Apple Support
2017-08-16 09:45:14
About the security content of iOS 10.2
2016-12-12 00:00:00

EPSS

0.023

Percentile

89.8%

JSON
Related for ZDI-16-679
cve1cvelist1nvd1prion1apple2