PT-2010-5238 · Apple · Ios
Publicado
2010-12-08
·
Atualizado
2010-12-09
·
CVE-2010-4012
CVSS v2.0
6.2
Média
| Vetor | AV:L/AC:H/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Apple iOS versions 4.0 through 4.1
Description
A race condition in the affected iOS versions allows physically proximate attackers to bypass the passcode lock. This can be achieved by making a call from the Emergency Call screen and then quickly pressing the Sleep/Wake button.
Recommendations
For Apple iOS versions 4.0 through 4.1, consider disabling the Emergency Call feature as a temporary workaround until a patch is available. Restrict access to the Sleep/Wake button to minimize the risk of exploitation.
Correção
Race Condition
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ios