CVE-2014-1287

HIGH

Description

USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages.

References

http://support.apple.com/kb/HT6162

http://support.apple.com/kb/HT6163

Details

Source: MITRE

Published: 2014-03-14

Updated: 2019-03-08

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Configuration 1

cpe:2.3:o:apple:tvos:6.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:tvos:6.0.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* versions up to 6.0.2 (inclusive)

Configuration 2

cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:7.0.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:7.0.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:7.0.3:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:7.0.4:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:7.0.5:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to 7.0.6 (inclusive)

Tenable Plugins

View all (4 total)

ID	Name	Product	Family	Severity
8250	Apple TV < 6.1 Multiple Vulnerabilities	Nessus Network Monitor	Internet Services	high
72962	Apple TV < 6.1 Multiple Vulnerabilities	Nessus	Misc.	high
8155	Apple iOS < 7.1 Multiple Vulnerabilities	Nessus Network Monitor	Mobile Devices	high
72907	Apple iOS < 7.1 Multiple Vulnerabilities	Nessus	Mobile Devices	high