PT-2017-13175 · Apple · Watch+3
Khaos Tian
·
Publicado
2017-12-25
·
Atualizado
2019-10-03
·
CVE-2017-13903
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Apple iOS versions prior to 11.2.1
Apple tvOS versions prior to 11.2.1
Description
The issue involves the
HomeKit component and incorrect message handling, allowing remote attackers to modify the application state. This can be demonstrated by using an Apple Watch to obtain an encryption key and unlock a door.Recommendations
For iOS versions prior to 11.2.1, update to version 11.2.1 or later to resolve the issue.
For tvOS versions prior to 11.2.1, update to version 11.2.1 or later to resolve the issue.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Watch
Homekit
Ios
Tvos