Apple TV <= 7.2.2 Bluetooth Remote Code Execution (BlueBorne)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote device is affected by a remote code execution vulnerability.

Description :

According to its banner, the remote Apple TV device is a version equal
or prior to 7.2.2. It is, therefore, affected by a remote code execution
vulnerability. A flaw exists related to the BlueTooth subsystem that
could allow remote code execution in the context of the privileged Bluetooth
service. This issue is also known as 'BlueBorne'.

See also :

https://www.armis.com/blueborne/

Solution :

Upgrade to a 4th Generation Apple TV device running tvOS 9.0 or higher.
There is currently no fix available for 1st, 2nd or 3rd generation Apple TV devices.

Risk factor :

High / CVSS Base Score : 8.3
(CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.1
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 103223 ()

Bugtraq ID:

CVE ID: CVE-2017-14315

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now