Apple iOS < 10 Multiple Vulnerabilities (BlueBorne)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The version of iOS running on the mobile device is affected by
multiple vulnerabilities.

Description :

The version of iOS running on the mobile device is prior to 10. It is,
therefore, affected by multiple vulnerabilities :

- An access control issue exists in the Sandbox Profiles
component in SMS draft directories that allows a local
attacker to determine who a user is texting by using the
'stat' command on a directory. (CVE-2016-4620)

- An unspecified permissions issue exists in PlaceData in
the GeoServices component that allows a local attacker,
via a crafted application, to disclose sensitive
information. (CVE-2016-4719)

- A flaw exists in the Messages component in the Handoff
for Messages functionality due to incorrectly exposing
messages even while signed out. A physically present
attacker can exploit this to disclose sensitive
information. (CVE-2016-4740)

- A flaw exists in the Assets component due to updates
being sent over unencrypted channels. A
man-in-the-middle attacker can exploit this to block a
device from receiving software updates. (CVE-2016-4741)

- A flaw exists in the Keyboards component due to the
Keyboard Autocorrect Suggestion feature inadvertently
caching sensitive information. A physically present
attacker can exploit this to disclose sensitive
information. (CVE-2016-4746)

- A flaw exists in the Mail component due to improper
handling of untrusted certificates. A man-in-the-middle
attacker can exploit this to disclose credential
information. (CVE-2016-4747)

- A flaw exists in the Printing UIKit component when
writing an unencrypted document to a temporary file when
using AirPrint preview. A local attacker can exploit
this to disclose sensitive information. (CVE-2016-4749)

- A flaw exists in the Springboard component due to cached
application snapshots being displayed in the task
switcher. A local attacker can exploit this to disclose
sensitive information. (CVE-2016-7759)

- A flaw exists related to the BlueTooth subsystem that
could allow remote code execution as well as
man-in-the-middle attacks. This issue is also known as
'BlueBorne'.

See also :

https://support.apple.com/en-us/HT207143
http://www.nessus.org/u?d24bbb05
https://www.armis.com/blueborne/

Solution :

Upgrade to Apple iOS version 10.0 or later.

Risk factor :

Low / CVSS Base Score : 2.6
(CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now