Apple iOS < 16.3 Multiple Vulnerabilities (HT213606)

high Nessus Plugin ID 170573

Version 1.33

Oct 16, 2025, 4:39 PM

  • Logic Changes (Implement workaround in HTTP library to prevent triggering an engine bug.)

Plugin Feed: 202510161639

Version 1.30

Oct 1, 2025, 9:12 PM

  • Logic Changes (Adding support for user-supplied header added to all HTTP requests.)

Plugin Feed: 202510012112

Version 1.29

Sep 30, 2025, 12:41 AM

  • Logic Changes (Add extra checks to see whether plugins should run. Modernisation of the HTTP/1 library. Various corrections and fixes for CPE related Flatline Test Failures. Remove spurious authentication header.)

Plugin Feed: 202509300041

Version 1.28

Jul 15, 2025, 2:39 AM

  • Logic Changes

Plugin Feed: 202507150239

Version 1.27

Feb 12, 2025, 3:29 PM

  • Logic Changes

Plugin Feed: 202502121529

Version 1.26

Feb 10, 2025, 4:00 PM

  • Logic Changes

Plugin Feed: 202502101600

Version 1.25

Jan 13, 2025, 10:27 PM

  • New

Plugin Feed: 202501132227

Version 1.22

Jun 5, 2024, 4:40 PM

  • CISA reference

Plugin Feed: 202406051640

Version 1.21

Jun 5, 2024, 1:32 PM

  • CVE (set "CVE" coverage to "CVE-2022-0108,CVE-2023-23496,CVE-2023-23498,CVE-2023-23499,CVE-2023-23500,CVE-2023-23502,CVE-2023-23503,CVE-2023-23504,CVE-2023-23505,CVE-2023-23511,CVE-2023-23512,CVE-2023-23517,CVE-2023-23518,CVE-2023-23519,CVE-2023-23520,CVE-2023-23530,CVE-2023-23531,CVE-2023-28208,CVE-2023-32393,CVE-2023-32438,CVE-2023-41990")
  • CVSS metrics ("CVSSv2 score" set to 4.3)
  • CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N")
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C")
  • CVSSv2 score source (changed from "CVE-2023-23518" to "CVE-2022-0108")
  • CVSSv2 severity (based on CVE-2022-0108, severity decreased from "High" to "Medium")
  • CVSSv3 score source (set to "CVE-2023-32393")
  • Detection (updated detection logic)
  • Exploit attributes ("Exploit available" set to "True")
  • Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available")
  • Plugin metadata

Plugin Feed: 202406051332

Version 1.20

May 20, 2024, 10:13 AM

  • Logic Changes

Plugin Feed: 202405201013

Version 1.18

Mar 19, 2024, 6:40 PM

  • Logic Changes (Improving logging to reduce disk space usage)

Plugin Feed: 202403191840

Version 1.17

Mar 8, 2024, 6:26 PM

  • New

Plugin Feed: 202403081826

Version 1.16

Mar 8, 2024, 4:03 PM

  • New

Plugin Feed: 202403081603

Version 1.15

Sep 26, 2023, 8:16 PM

  • Logic Changes

Plugin Feed: 202309262016

Version 1.14

Jun 20, 2023, 9:07 PM

  • Logic Changes (Temporarily limit debug logging)

Plugin Feed: 202306202107

Version 1.13

Jun 1, 2023, 5:27 AM

  • Logic Changes (Better logging)

Plugin Feed: 202306010527

Version 1.11

May 1, 2023, 9:07 PM

  • Detection (Make and use compatibility wrapper for running commands on scanner localhost to handle deprecation of pread().)

Plugin Feed: 202305012107

Version 1.8

Mar 9, 2023, 2:20 PM

  • CVSS metrics ("CVSSv2 score" changed from "6.9" to "10.0". "CVSSv2 score" changed from "6.9" to "10.0". "CVSSv2 score" changed from "6.9" to "10.0". "CVSSv2 score" changed from "6.9" to "10.0". "CVSSv2 vector" changed from "CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C". "CVSSv2 vector" changed from "CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C". "CVSSv2 vector" changed from "CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C")
  • CVSSv2 score source (changed from "CVE-2023-23504" to "CVE-2023-23518")
  • CVSSv2 severity (based on CVE-2023-23518, severity increased from "Medium" to "High")
  • CVSSv3 score source (changed from "CVE-2023-23517" to "CVE-2023-23518")

Plugin Feed: 202303091420

Version 1.6

Mar 8, 2023, 1:05 AM

  • Logic Changes

Plugin Feed: 202303080105

Version 1.5

Feb 16, 2023, 6:11 PM

  • IAVM reference

Plugin Feed: 202302161811

* Changelogs are generally available for changes made after Nov 1, 2022