Apple iOS < 16.4 Multiple Vulnerabilities (HT213676)

critical Nessus Plugin ID 173738

Language:

Version 1.36 Nov 3, 2025, 9:25 PM Logic Changes (Corrects handling base64 encoded HTTP cookies) Plugin Feed: 202511032125
Version 1.35 Oct 27, 2025, 3:15 PM Logic Changes (Gate HTTP debugging behind hidden preference) Plugin Feed: 202510271515
Version 1.34 Oct 23, 2025, 3:11 AM Logic Changes (Fix HTTP/1 library to make sure it closes unused Keep-Alive connections) Plugin Feed: 202510230311
Version 1.32 Oct 16, 2025, 4:39 PM Logic Changes (Implement workaround in HTTP library to prevent triggering an engine bug.) Plugin Feed: 202510161639
Version 1.29 Oct 1, 2025, 9:12 PM Logic Changes (Adding support for user-supplied header added to all HTTP requests.) Plugin Feed: 202510012112
Version 1.28 Sep 30, 2025, 12:41 AM Logic Changes (Add extra checks to see whether plugins should run. Modernisation of the HTTP/1 library. Various corrections and fixes for CPE related Flatline Test Failures. Remove spurious authentication header.) Plugin Feed: 202509300041
Version 1.27 Jul 15, 2025, 2:39 AM Logic Changes Plugin Feed: 202507150239
Version 1.26 Feb 12, 2025, 3:29 PM Logic Changes Plugin Feed: 202502121529
Version 1.25 Feb 10, 2025, 4:00 PM Logic Changes Plugin Feed: 202502101600
Version 1.24 Jan 13, 2025, 10:27 PM New Plugin Feed: 202501132227
Version 1.21 Jul 23, 2024, 6:09 PM CISA reference Plugin Feed: 202407231809
Version 1.20 Jul 22, 2024, 8:33 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C") CVSSv2 score source (changed from "CVE-2023-23526" to "CVE-2014-1745") CVSSv3 score source (set to "CVE-2023-28201") Detection (updated detection logic) Plugin metadata CVSS metrics ("CVSSv2 score" set to 7.5) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P") CVE (set "CVE" coverage to "CVE-2014-1745,CVE-2022-46705,CVE-2022-46724,CVE-2022-46725,CVE-2023-23494,CVE-2023-23523,CVE-2023-23525,CVE-2023-23526,CVE-2023-23527,CVE-2023-23528,CVE-2023-23532,CVE-2023-23535,CVE-2023-23536,CVE-2023-23537,CVE-2023-23540,CVE-2023-23541,CVE-2023-23543,CVE-2023-27928,CVE-2023-27929,CVE-2023-27931,CVE-2023-27931,CVE-2023-27932,CVE-2023-27933,CVE-2023-27937,CVE-2023-27942,CVE-2023-27943,CVE-2023-27954,CVE-2023-27955,CVE-2023-27956,CVE-2023-27959,CVE-2023-27961,CVE-2023-27963,CVE-2023-27969,CVE-2023-27970,CVE-2023-28178,CVE-2023-28181,CVE-2023-28182,CVE-2023-28185,CVE-2023-28187,CVE-2023-28188,CVE-2023-28194,CVE-2023-28195,CVE-2023-28198,CVE-2023-28201,CVE-2023-32358,CVE-2023-32366,CVE-2023-32370,CVE-2023-32424,CVE-2023-32435,CVE-2023-40398,CVE-2023-41075,CVE-2023-42830,CVE-2023-42862,CVE-2023-42865") Plugin Feed: 202407222033
Version 1.19 May 20, 2024, 10:13 AM Logic Changes Plugin Feed: 202405201013
Version 1.17 Mar 19, 2024, 6:40 PM Logic Changes (Improving logging to reduce disk space usage) Plugin Feed: 202403191840
Version 1.16 Mar 8, 2024, 6:26 PM New Plugin Feed: 202403081826
Version 1.15 Mar 8, 2024, 4:03 PM New Plugin Feed: 202403081603
Version 1.14 Sep 26, 2023, 8:16 PM Logic Changes Plugin Feed: 202309262016
Version 1.13 Jul 17, 2023, 2:06 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202307171406
Version 1.12 Jun 20, 2023, 9:07 PM Logic Changes (Temporarily limit debug logging) Plugin Feed: 202306202107
Version 1.11 Jun 1, 2023, 5:27 AM Logic Changes (Better logging) Plugin Feed: 202306010527
Version 1.10 May 14, 2023, 10:07 AM CVSS metrics ("CVSSv2 score" changed from 9.3 to 10.0. "CVSSv2 vector" changed from "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C") CVSSv3 score source (set to "CVE-2023-23526") CVSSv2 score source (changed from "CVE-2023-28181" to "CVE-2023-23526") Plugin Feed: 202305141007
Version 1.9 May 14, 2023, 6:02 AM CVSS metrics ("CVSSv2 score" changed from 7.5 to 9.3. "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P" to "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C") CVSSv2 score source (changed from "CVE-2023-27970" to "CVE-2023-28181") Plugin Feed: 202305140602
Version 1.8 May 14, 2023, 2:08 AM CVSS metrics ("CVSSv2 score" changed from 7.5 to 9.3. "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P" to "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C") CVSSv2 score source (changed from "CVE-2023-27970" to "CVE-2023-28181") Plugin Feed: 202305140208
Version 1.7 May 11, 2023, 8:47 PM CVSSv2 score source (changed from "CVE-2023-27970" to "CVE-2023-28181") CVSS metrics ("CVSSv2 score" changed from 7.5 to 9.3. "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P" to "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C") Plugin Feed: 202305112047
Version 1.5 May 1, 2023, 9:07 PM Detection (Make and use compatibility wrapper for running commands on scanner localhost to handle deprecation of pread().) Plugin Feed: 202305012107
Version 1.2 Apr 12, 2023, 12:04 PM IAVM reference Plugin Feed: 202304121204
Version 1.1 Apr 4, 2023, 12:12 PM IAVM reference STIG Severity (set to "I") Plugin Feed: 202304041212
Version 1.0 Mar 31, 2023, 6:05 PM New Plugin Feed: 202303311805

* Changelogs are generally available for changes made after Nov 1, 2022

Detections

Analytics

Apple iOS < 16.4 Multiple Vulnerabilities (HT213676)

critical Nessus Plugin ID 173738

Version 1.36

Version 1.35

Version 1.34

Version 1.32

Version 1.29

Version 1.28

Version 1.27

Version 1.26

Version 1.25

Version 1.24

Version 1.21

Version 1.20

Version 1.19

Version 1.17

Version 1.16

Version 1.15

Version 1.14

Version 1.13

Version 1.12

Version 1.11

Version 1.10

Version 1.9

Version 1.8

Version 1.7

Version 1.5

Version 1.2

Version 1.1

Version 1.0