cvelistv5 - CVE-2017-14315

CVE-2017-14315 (GCVE-0-2017-14315)

Vulnerability from cvelistv5

Published

2017-09-12 15:00

Modified

2024-08-05 19:20

Severity ?

CWE

Summary

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

gsd-2017-14315

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2017-14315

Aliases

CVE-2017-14315

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-14315",
    "description": "In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default \"Bluetooth On\" value must be present in Settings.",
    "id": "GSD-2017-14315"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-14315"
      ],
      "details": "In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default \"Bluetooth On\" value must be present in Settings.",
      "id": "GSD-2017-14315",
      "modified": "2023-12-13T01:21:12.600084Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2017-14315",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default \"Bluetooth On\" value must be present in Settings."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "100816",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/100816"
          },
          {
            "name": "https://www.armis.com/blueborne",
            "refsource": "MISC",
            "url": "https://www.armis.com/blueborne"
          },
          {
            "name": "20190513 APPLE-SA-2019-5-13-6 Apple TV Software 7.3",
            "refsource": "FULLDISC",
            "url": "http://seclists.org/fulldisclosure/2019/May/24"
          },
          {
            "name": "https://support.apple.com/kb/HT210121",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/kb/HT210121"
          },
          {
            "name": "20190514 APPLE-SA-2019-5-13-6 Apple TV Software 7.3",
            "refsource": "BUGTRAQ",
            "url": "https://seclists.org/bugtraq/2019/May/30"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:7.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:7.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:7.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:9.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:9.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:7.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:7.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:9.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:9.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:9.3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:7.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:7.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:7.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:8.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:9.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:9.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:9.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14315"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default \"Bluetooth On\" value must be present in Settings."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.armis.com/blueborne",
              "refsource": "MISC",
              "tags": [
                "Technical Description",
                "Third Party Advisory"
              ],
              "url": "https://www.armis.com/blueborne"
            },
            {
              "name": "100816",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/100816"
            },
            {
              "name": "20190513 APPLE-SA-2019-5-13-6 Apple TV Software 7.3",
              "refsource": "FULLDISC",
              "tags": [],
              "url": "http://seclists.org/fulldisclosure/2019/May/24"
            },
            {
              "name": "https://support.apple.com/kb/HT210121",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.apple.com/kb/HT210121"
            },
            {
              "name": "20190514 APPLE-SA-2019-5-13-6 Apple TV Software 7.3",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "https://seclists.org/bugtraq/2019/May/30"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.9,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 5.5,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.6,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-05-14T16:29Z",
      "publishedDate": "2017-09-12T15:29Z"
    }
  }
}

De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	watchOS versions antérieures à 5.2.1
Apple	macOS	macOS Mojave 10.14.4, macOS Sierra 10.12.6 et macOS High Sierra 10.13.6 sans le correctif de sécurité Security Update 2019-003
Apple	N/A	iOS versions antérieures à 12.3
Apple	N/A	tvOS versions antérieures à 12.3
Apple	N/A	Apple TV Software versions antérieures à 7.3
Apple	Safari	Safari versions antérieures à 12.1.1

References

Title

Publication Time

cnvd-2017-26764

Vulnerability from cnvd

Title

Apple Bluetooth LEAP and Apple TV堆缓冲区溢出漏洞

Description

低能量音频协议Low-Energy Audio Protocol (LEAP)，该协议旨在将音频流传输到低能量音频外设（如低能量耳机或Siri Remote），Apple TV是苹果公司推出的一款高清电视机顶盒产品，用户可以通过Apple TV在线收看电视节目 Apple Bluetooth Low-Energy Audio Protocol (LEAP) iOS版本9.3.5及更低版本，及Apple TV tvOS 7.2.2及更低版本中存在堆缓冲区溢出漏洞，由于通过LEAP发送的音频命令未被正确验证，可以将大型音频命令发送到目标设备，允许攻击者使用内存破坏来完全控制该设备。

Severity

高

Formal description

厂商尚未提供漏洞修补方案，请关注厂商主页及时更新： https://www.apple.com/

Reference

https://www.kb.cert.org/vuls/id/240311 https://www.armis.com/blueborne/#/technical

Impacted products

Name
['Apple Bluetooth Low-Energy Audio Protocol iOS <=9.3.5', 'Apple tvOS <=7.2.2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-14315"
    }
  },
  "description": "\u4f4e\u80fd\u91cf\u97f3\u9891\u534f\u8baeLow-Energy Audio Protocol (LEAP)\uff0c\u8be5\u534f\u8bae\u65e8\u5728\u5c06\u97f3\u9891\u6d41\u4f20\u8f93\u5230\u4f4e\u80fd\u91cf\u97f3\u9891\u5916\u8bbe\uff08\u5982\u4f4e\u80fd\u91cf\u8033\u673a\u6216Siri Remote\uff09\uff0cApple TV\u662f\u82f9\u679c\u516c\u53f8\u63a8\u51fa\u7684\u4e00\u6b3e\u9ad8\u6e05\u7535\u89c6\u673a\u9876\u76d2\u4ea7\u54c1\uff0c\u7528\u6237\u53ef\u4ee5\u901a\u8fc7Apple TV\u5728\u7ebf\u6536\u770b\u7535\u89c6\u8282\u76ee\r\n\r\nApple Bluetooth Low-Energy Audio Protocol (LEAP) iOS\u7248\u672c9.3.5\u53ca\u66f4\u4f4e\u7248\u672c\uff0c\u53caApple TV tvOS 7.2.2\u53ca\u66f4\u4f4e\u7248\u672c\u4e2d\u5b58\u5728\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u7531\u4e8e\u901a\u8fc7LEAP\u53d1\u9001\u7684\u97f3\u9891\u547d\u4ee4\u672a\u88ab\u6b63\u786e\u9a8c\u8bc1\uff0c\u53ef\u4ee5\u5c06\u5927\u578b\u97f3\u9891\u547d\u4ee4\u53d1\u9001\u5230\u76ee\u6807\u8bbe\u5907\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u4f7f\u7528\u5185\u5b58\u7834\u574f\u6765\u5b8c\u5168\u63a7\u5236\u8be5\u8bbe\u5907\u3002",
  "discovererName": "Ben Seri and Gregory Vishnepolsky of Armis",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u8865\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u53ca\u65f6\u66f4\u65b0\uff1a\r\nhttps://www.apple.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-26764",
  "openTime": "2017-09-14",
  "products": {
    "product": [
      "Apple Bluetooth Low-Energy Audio Protocol iOS \u003c=9.3.5",
      "Apple tvOS \u003c=7.2.2"
    ]
  },
  "referenceLink": "https://www.kb.cert.org/vuls/id/240311\r\nhttps://www.armis.com/blueborne/#/technical",
  "serverity": "\u9ad8",
  "submitTime": "2017-09-13",
  "title": "Apple Bluetooth LEAP and Apple TV\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

ghsa-fh2g-g7qm-3vm4

Vulnerability from github

Published

2022-05-14 01:03

Modified

2022-05-14 01:03

Severity ?

7.5 (High) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-14315"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-09-12T15:29:00Z",
    "severity": "HIGH"
  },
  "details": "In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default \"Bluetooth On\" value must be present in Settings.",
  "id": "GHSA-fh2g-g7qm-3vm4",
  "modified": "2022-05-14T01:03:34Z",
  "published": "2022-05-14T01:03:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14315"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2019/May/30"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT210121"
    },
    {
      "type": "WEB",
      "url": "https://www.armis.com/blueborne"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2019/May/24"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/100816"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

var-201709-0464

Vulnerability from variot

In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default "Bluetooth On" value must be present in Settings. A collection of Bluetooth implementation vulnerabilities known as "BlueBorne" has been released. These vulnerabilities collectively affect Windows, iOS, and Linux-kernel-based operating systems including Android and Tizen, and may in worst case allow an unauthenticated attacker to perform commands on the device. Apple iOS and tvOS are prone to a heap-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service conditions. Following products and versions are vulnerable: Apple iOS 7 through 9.3.5 Apple tvOS. The vulnerability stems from the fact that the program does not correctly verify audio commands. An attacker could exploit this vulnerability to take control of the device. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

APPLE-SA-2019-5-13-5 Safari 12.1.1

Safari 12.1.1 is now available and addresses the following:

WebKit Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5 Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team

WebKit Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team CVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative CVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech CVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative CVE-2019-8586: an anonymous researcher CVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative CVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security & Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab CVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative CVE-2019-8596: Wen Xu of SSLab at Georgia Tech CVE-2019-8597: 01 working with Trend Micro Zero Day Initiative CVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative CVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative CVE-2019-8609: Wen Xu of SSLab, Georgia Tech CVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative CVE-2019-8611: Samuel Groß of Google Project Zero CVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative CVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab CVE-2019-8622: Samuel Groß of Google Project Zero CVE-2019-8623: Samuel Groß of Google Project Zero CVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab

Additional recognition

Safari We would like to acknowledge Michael Ball of Gradescope by Turnitin for their assistance.

Installation note:

Safari 12.1.1 may be obtained from the Mac App Store.

Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----

iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlzZrUkpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3EGGBAA jan3x6GxZzcawJskOhoEVDuZTcb19c+K9Q+jHPbG6szt2ChRkpZfN2fX+fqG8q7Y Itu63uFCfhWMKRbQrwIvzBceEUsNCbgiKNrIJGtEJkmvZjp84ETTjp5WYjMGCTCI 8pe/ij5TtFwJWWXKboO3rVfxfFcfI/67g/wx05l3h2YFoC9Fm52isUkycaAi0siP M4/nTeoA5BTAuv+7J6ohw5TgcYR8NEENpaVTQcUIMLyO3E/wlRcEoHLRtHnMjR89 CGwZg1/LIF/Ae3hJmg5O9PQMIDU6u8ILi/BVK4LGZ4u3x8Qfvg7fm556J6wBEUuP YZ2Mne5Gg1ayUGw/glTbpAkP1XFymvPloyC6/41r3b46X/nExXER86RC2uNJNNe3 8doCYGznFWWbsGBAAVrWut0sS80nOyjSpoAifkkhqZEXbo8pyvjqfGVGijwzcKcd iTdzhpcYahJ1WUIAIXbxjFlHJ8muFxyKrEuqrjnXqM+EjyYP/tu8VOCl2blTOGLP vPmF6ZBHoP3Dtqk9Z+XNusJFGWo7Nm+HLzXTyQsdbnGu8EnP6ywLHBrmBVu03men Os4rHHH1zueO42iPnATC60y9jvyFt2ofnQHCkPl7FdWS8Ek9nVgIhtzaLokrSQM7 TZ10USIZOmz/2BQs133z+fA30SgDUNDyMIE47x6x3HI= =bWtO -----END PGP SIGNATURE-----

Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201709-0464",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "9.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "9.0.2"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "9.3.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "9.2.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "9.3"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "9.3.3"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "9.3.4"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "9.3.2"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "9.3.5"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "9.2"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.1.2"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.0"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.1.3"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.0.2"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.4.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0.5"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "9.0"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.0.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0.3"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.1.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "9.0.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0.6"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.1.2"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0.4"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0.2"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.2"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "android open source",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "apple",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "blackberry",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "google",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "samsung mobile",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "tizen",
        "version": null
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7 to  9"
      },
      {
        "model": "systemdirector enterprise",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.3.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.3.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.4.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.3.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.1.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.1.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.1.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#240311"
      },
      {
        "db": "BID",
        "id": "100816"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007675"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201709-487"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14315"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:apple:iphone_os",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:nec:systemdirector_enterprise",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007675"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "152848"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201709-487"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2017-14315",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.9,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 5.5,
            "id": "CVE-2017-14315",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.9,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 5.5,
            "id": "VHN-105025",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:A/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.6,
            "id": "CVE-2017-14315",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-14315",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-14315",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201709-487",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-105025",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2017-14315",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-105025"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-14315"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007675"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201709-487"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14315"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default \"Bluetooth On\" value must be present in Settings. A collection of Bluetooth implementation vulnerabilities known as \"BlueBorne\" has been released. These vulnerabilities collectively affect Windows, iOS, and Linux-kernel-based operating systems including Android and Tizen, and may in worst case allow an unauthenticated attacker to perform commands on the device. Apple iOS and tvOS are prone to a heap-based buffer-overflow vulnerability. \nAn attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service conditions. \nFollowing products and versions are vulnerable:\nApple iOS 7 through 9.3.5\nApple tvOS. The vulnerability stems from the fact that the program does not correctly verify audio commands. An attacker could exploit this vulnerability to take control of the device. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2019-5-13-5 Safari 12.1.1\n\nSafari 12.1.1 is now available and addresses the following:\n\nWebKit\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and\nincluded in macOS Mojave 10.14.5\nImpact: Processing maliciously crafted web content may result in the\ndisclosure of process memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\nWebKit\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and\nincluded in macOS Mojave 10.14.5\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day\nInitiative, Liu Long of Qihoo 360 Vulcan Team\nCVE-2019-8571: 01 working with Trend Micro\u0027s Zero Day Initiative\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_)\nof Tencent Keen Lab, and dwfault working at ADLab of Venustech\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero\nDay Initiative\nCVE-2019-8586: an anonymous researcher\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security \u0026\nPrivacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero\nDay Initiative\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\nCVE-2019-8601: Fluoroacetate working with Trend Micro\u0027s Zero Day\nInitiative\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\nCVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro\u0027s\nZero Day Initiative\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and\nHanqing Zhao of Chaitin Security Research Lab\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and\nHanqing Zhao of Chaitin Security Research Lab\n\nAdditional recognition\n\nSafari\nWe would like to acknowledge Michael Ball of Gradescope by Turnitin\nfor their assistance. \n\nInstallation note:\n\nSafari 12.1.1 may be obtained from the Mac App Store. \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlzZrUkpHHByb2R1Y3Qt\nc2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3EGGBAA\njan3x6GxZzcawJskOhoEVDuZTcb19c+K9Q+jHPbG6szt2ChRkpZfN2fX+fqG8q7Y\nItu63uFCfhWMKRbQrwIvzBceEUsNCbgiKNrIJGtEJkmvZjp84ETTjp5WYjMGCTCI\n8pe/ij5TtFwJWWXKboO3rVfxfFcfI/67g/wx05l3h2YFoC9Fm52isUkycaAi0siP\nM4/nTeoA5BTAuv+7J6ohw5TgcYR8NEENpaVTQcUIMLyO3E/wlRcEoHLRtHnMjR89\nCGwZg1/LIF/Ae3hJmg5O9PQMIDU6u8ILi/BVK4LGZ4u3x8Qfvg7fm556J6wBEUuP\nYZ2Mne5Gg1ayUGw/glTbpAkP1XFymvPloyC6/41r3b46X/nExXER86RC2uNJNNe3\n8doCYGznFWWbsGBAAVrWut0sS80nOyjSpoAifkkhqZEXbo8pyvjqfGVGijwzcKcd\niTdzhpcYahJ1WUIAIXbxjFlHJ8muFxyKrEuqrjnXqM+EjyYP/tu8VOCl2blTOGLP\nvPmF6ZBHoP3Dtqk9Z+XNusJFGWo7Nm+HLzXTyQsdbnGu8EnP6ywLHBrmBVu03men\nOs4rHHH1zueO42iPnATC60y9jvyFt2ofnQHCkPl7FdWS8Ek9nVgIhtzaLokrSQM7\nTZ10USIZOmz/2BQs133z+fA30SgDUNDyMIE47x6x3HI=\n=bWtO\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nSent through the Full Disclosure mailing list\nhttps://nmap.org/mailman/listinfo/fulldisclosure\nWeb Archives \u0026 RSS: http://seclists.org/fulldisclosure/",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-14315"
      },
      {
        "db": "CERT/CC",
        "id": "VU#240311"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007675"
      },
      {
        "db": "BID",
        "id": "100816"
      },
      {
        "db": "VULHUB",
        "id": "VHN-105025"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-14315"
      },
      {
        "db": "PACKETSTORM",
        "id": "152848"
      }
    ],
    "trust": 2.88
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-105025",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-105025"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-14315",
        "trust": 3.8
      },
      {
        "db": "BID",
        "id": "100816",
        "trust": 2.1
      },
      {
        "db": "CERT/CC",
        "id": "VU#240311",
        "trust": 2.0
      },
      {
        "db": "LENOVO",
        "id": "LEN-17125",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "152848",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU95513538",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007675",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201709-487",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1699",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-105025",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-14315",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#240311"
      },
      {
        "db": "VULHUB",
        "id": "VHN-105025"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-14315"
      },
      {
        "db": "BID",
        "id": "100816"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007675"
      },
      {
        "db": "PACKETSTORM",
        "id": "152848"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201709-487"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14315"
      }
    ]
  },
  "id": "VAR-201709-0464",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-105025"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T19:38:28.047000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "iOS",
        "trust": 0.8,
        "url": "https://www.apple.com/jp/ios/ios-11/"
      },
      {
        "title": "NV18-001",
        "trust": 0.8,
        "url": "http://jpn.nec.com/security-info/secinfo/nv18-001.html"
      },
      {
        "title": "Apple iOS Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74712"
      },
      {
        "title": "blueborne",
        "trust": 0.1,
        "url": "https://github.com/hw5773/blueborne "
      },
      {
        "title": "-CVE-2017-0785-BlueBorne-PoC",
        "trust": 0.1,
        "url": "https://github.com/Alfa100001/-CVE-2017-0785-BlueBorne-PoC "
      },
      {
        "title": "awesome-bluetooth-security",
        "trust": 0.1,
        "url": "https://github.com/engn33r/awesome-bluetooth-security "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/JeffroMF/awesome-bluetooth-security321 "
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/apple-patches-intel-side-channel-ios-macos/144743/"
      },
      {
        "title": "BleepingComputer",
        "trust": 0.1,
        "url": "https://www.bleepingcomputer.com/news/security/blueborne-vulnerabilities-impact-over-5-billion-bluetooth-enabled-devices/"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2017-14315"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007675"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201709-487"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-105025"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007675"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14315"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "http://www.securityfocus.com/bid/100816"
      },
      {
        "trust": 1.9,
        "url": "https://seclists.org/bugtraq/2019/may/30"
      },
      {
        "trust": 1.8,
        "url": "https://support.apple.com/kb/ht210121"
      },
      {
        "trust": 1.8,
        "url": "http://seclists.org/fulldisclosure/2019/may/24"
      },
      {
        "trust": 1.8,
        "url": "https://www.armis.com/blueborne"
      },
      {
        "trust": 1.6,
        "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8628"
      },
      {
        "trust": 1.2,
        "url": "https://www.kb.cert.org/vuls/id/240311"
      },
      {
        "trust": 1.1,
        "url": "https://www.armis.com/blueborne/#/technical"
      },
      {
        "trust": 0.9,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14315"
      },
      {
        "trust": 0.8,
        "url": "https://source.android.com/security/bulletin/2017-09-01"
      },
      {
        "trust": 0.8,
        "url": "http://cwe.mitre.org/data/definitions/120.html"
      },
      {
        "trust": 0.8,
        "url": "http://cwe.mitre.org/data/definitions/122.html"
      },
      {
        "trust": 0.8,
        "url": "http://cwe.mitre.org/data/definitions/125.html"
      },
      {
        "trust": 0.8,
        "url": "http://cwe.mitre.org/data/definitions/191.html"
      },
      {
        "trust": 0.8,
        "url": "http://cwe.mitre.org/data/definitions/300.html"
      },
      {
        "trust": 0.8,
        "url": "http://support.blackberry.com/kb/articledetail?articlenumber=000045807\u0026language=en_us"
      },
      {
        "trust": 0.8,
        "url": "https://support.lenovo.com/us/en/product_security/len-17125"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14315"
      },
      {
        "trust": 0.8,
        "url": "https://www.ipa.go.jp/security/ciadr/vul/20170914_blueborne.html"
      },
      {
        "trust": 0.8,
        "url": "https://www.jpcert.or.jp/at/2017/at170037.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu95513538/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://www.armis.com/blueborne/"
      },
      {
        "trust": 0.6,
        "url": "https://support.apple.com/en-au/ht210121"
      },
      {
        "trust": 0.6,
        "url": "https://support.apple.com/en-us/ht210121"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/152848/apple-security-advisory-2019-5-13-6.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/80846"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/ios/"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/appletv/features.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/accessibility/tvos/"
      },
      {
        "trust": 0.3,
        "url": "http://go.armis.com/hubfs/blueborne technical white paper.pdf"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/119.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/alfa100001/-cve-2017-0785-blueborne-poc"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-9417"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/kb/ht201222"
      },
      {
        "trust": 0.1,
        "url": "http://seclists.org/fulldisclosure/"
      },
      {
        "trust": 0.1,
        "url": "https://nmap.org/mailman/listinfo/fulldisclosure"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-6975"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#240311"
      },
      {
        "db": "VULHUB",
        "id": "VHN-105025"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-14315"
      },
      {
        "db": "BID",
        "id": "100816"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007675"
      },
      {
        "db": "PACKETSTORM",
        "id": "152848"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201709-487"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14315"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#240311"
      },
      {
        "db": "VULHUB",
        "id": "VHN-105025"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-14315"
      },
      {
        "db": "BID",
        "id": "100816"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007675"
      },
      {
        "db": "PACKETSTORM",
        "id": "152848"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201709-487"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14315"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-09-12T00:00:00",
        "db": "CERT/CC",
        "id": "VU#240311"
      },
      {
        "date": "2017-09-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-105025"
      },
      {
        "date": "2017-09-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-14315"
      },
      {
        "date": "2017-09-12T00:00:00",
        "db": "BID",
        "id": "100816"
      },
      {
        "date": "2017-09-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-007675"
      },
      {
        "date": "2019-05-14T00:29:32",
        "db": "PACKETSTORM",
        "id": "152848"
      },
      {
        "date": "2017-09-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201709-487"
      },
      {
        "date": "2017-09-12T15:29:00.190000",
        "db": "NVD",
        "id": "CVE-2017-14315"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-11-08T00:00:00",
        "db": "CERT/CC",
        "id": "VU#240311"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-105025"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-14315"
      },
      {
        "date": "2017-09-12T00:00:00",
        "db": "BID",
        "id": "100816"
      },
      {
        "date": "2018-02-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-007675"
      },
      {
        "date": "2021-10-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201709-487"
      },
      {
        "date": "2024-11-21T03:12:32.357000",
        "db": "NVD",
        "id": "CVE-2017-14315"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201709-487"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple Bluetooth implementation vulnerabilities affect many devices",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#240311"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201709-487"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2017-14315

Vulnerability from fkie_nvd

Published

2017-09-12 15:29

Modified

2025-04-20 01:37

Severity ?

7.5 (High) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cve@mitre.org	http://seclists.org/fulldisclosure/2019/May/24
cve@mitre.org	http://www.securityfocus.com/bid/100816	Third Party Advisory, VDB Entry
cve@mitre.org	https://seclists.org/bugtraq/2019/May/30
cve@mitre.org	https://support.apple.com/kb/HT210121
cve@mitre.org	https://www.armis.com/blueborne	Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2019/May/24
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/100816	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://seclists.org/bugtraq/2019/May/30
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/kb/HT210121
af854a3a-2127-422b-91ae-364da2661108	https://www.armis.com/blueborne	Technical Description, Third Party Advisory

Impacted products

Vendor	Product	Version
apple	iphone_os	7.0
apple	iphone_os	7.0.1
apple	iphone_os	7.0.2
apple	iphone_os	7.0.3
apple	iphone_os	7.0.4
apple	iphone_os	7.0.5
apple	iphone_os	7.0.6
apple	iphone_os	7.1
apple	iphone_os	7.1.1
apple	iphone_os	7.1.2
apple	iphone_os	8.0
apple	iphone_os	8.0.1
apple	iphone_os	8.0.2
apple	iphone_os	8.1
apple	iphone_os	8.1.2
apple	iphone_os	8.1.3
apple	iphone_os	8.2
apple	iphone_os	8.4.1
apple	iphone_os	9.0
apple	iphone_os	9.0.1
apple	iphone_os	9.0.2
apple	iphone_os	9.1
apple	iphone_os	9.2
apple	iphone_os	9.2.1
apple	iphone_os	9.3
apple	iphone_os	9.3.1
apple	iphone_os	9.3.2
apple	iphone_os	9.3.3
apple	iphone_os	9.3.4
apple	iphone_os	9.3.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07A11433-B725-4BD6-B998-4B3637F061EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FD62141-07B1-4E3D-80BC-25D519F90DBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9737BD4-B4F4-4291-A1E9-B692ECBC657E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6160869-944D-4E34-BB81-6A1259D692B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "090CAC3C-4B20-46E5-A8C7-950B7E1DB5E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E96F77DD-0962-4E55-97A2-9BC2FE01D8A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BD9ACBF-34A4-4181-A6E0-78ABD4FC9ACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDF40E86-E5D2-4D66-B296-ADFA78B42113",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "997D8B0E-44AC-4598-B533-AB31CBE5E2F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:7.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "343E9709-AE00-4F6D-85DF-E7841A1086BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7350A49-6D6B-4E03-933E-52453FE33E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C067D7E6-41CD-4859-A214-80F4C8E88567",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "245A0B42-AA79-4B33-AAEE-E414B6B1EAC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C3064F3-0E1C-4E9D-AB4A-930A38D3939A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "01986EC5-A2F0-4053-B4FA-B602F505ED8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:8.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A96C13A0-1ED4-48FD-A401-D5E719FDE2D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB8C4D24-60BE-4A9B-88DB-78FE82EF27EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:8.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "708A47AF-E707-4447-934F-2AA38F128CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "43407BEC-120E-458C-9A8B-74AAADBE568F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:9.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4947E737-4F7F-4C32-A209-FDD908450B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:9.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F8CF641-5D21-4A0E-931F-C561617AACC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "772F662B-351B-45B1-86B6-80917977F1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD8801E-E7F8-4AF6-8592-F1CAA3F74C53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:9.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4F9FDAC-5C8D-45FC-AF63-FCB8033C0BF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E50BE429-7D84-4C78-ADC1-E6E3B40F8021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:9.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FE10F0E-DA27-437F-8A30-83BA723F5433",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:9.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "720014DA-BBA4-43DB-8938-64D9975DA009",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:9.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7104A121-F2E3-4E11-80B8-40A343E30E6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:9.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "71EF83E8-1450-46AD-9209-68277DD0AB0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC09B623-2732-4745-AB1F-6E3D031CB77F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default \"Bluetooth On\" value must be present in Settings."
    },
    {
      "lang": "es",
      "value": "En Apple iOS 7 hasta la versi\u00f3n 9, debido a un error \"BlueBorne\" en la implementaci\u00f3n de LEAP (Low Energy Audio Protocol), se puede enviar un comando de audio largo a un dispositivo objetivo y desencadenar un desbordamiento de memoria din\u00e1mica (heap) con datos controlados por el atacante. Los comandos de audio enviados a trav\u00e9s de LEAP no se validan correctamente, por lo que un atacante podr\u00eda emplear este desbordamiento para obtener el control total del dispositivo mediante los privilegios relativamente elevados de la pila Bluetooth en iOS. El ataque omite el control de acceso Bluetooth, sin embargo, el valor por defecto \"Bluetooth On\" debe estar presente en Configuraci\u00f3n."
    }
  ],
  "id": "CVE-2017-14315",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 5.5,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-09-12T15:29:00.190",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://seclists.org/fulldisclosure/2019/May/24"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100816"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://seclists.org/bugtraq/2019/May/30"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://support.apple.com/kb/HT210121"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://www.armis.com/blueborne"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2019/May/24"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100816"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://seclists.org/bugtraq/2019/May/30"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.apple.com/kb/HT210121"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://www.armis.com/blueborne"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2017-14315 (GCVE-0-2017-14315)

Vulnerability from cvelistv5

gsd-2017-14315

Vulnerability from gsd

CERTFR-2019-AVI-204

Vulnerability from certfr_avis

Solution

cnvd-2017-26764

Vulnerability from cnvd

ghsa-fh2g-g7qm-3vm4

Vulnerability from github

var-201709-0464

Vulnerability from variot

fkie_cve-2017-14315

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature