Apple TV <= 7.2.2 Bluetooth Remote Code Execution (BlueBorne)

High Nessus Plugin ID 103223


The remote device is affected by a remote code execution vulnerability.


According to its banner, the remote Apple TV device is a version equal or prior to 7.2.2. It is, therefore, affected by a remote code execution vulnerability. A flaw exists related to the BlueTooth subsystem that could allow remote code execution in the context of the privileged Bluetooth service. This issue is also known as 'BlueBorne'.


Upgrade to a 4th Generation Apple TV device running tvOS 9.0 or higher.
There is currently no fix available for 1st, 2nd or 3rd generation Apple TV devices.

See Also

Plugin Details

Severity: High

ID: 103223

File Name: appletv_blueborne.nasl

Version: $Revision: 1.2 $

Type: remote

Family: Misc.

Published: 2017/09/14

Modified: 2017/09/15

Dependencies: 93741

Risk Information

Risk Factor: High


Base Score: 8.3

Temporal Score: 6.1

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C


Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apple:apple_tv

Required KB Items: AppleTV/Version, AppleTV/URL, AppleTV/Port

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2015/10/29

Vulnerability Publication Date: 2017/09/13

Reference Information

CVE: CVE-2017-14315

OSVDB: 165326