Apple · Tv · CVE-2014-4364
**Name of the Vulnerable Software and Affected Versions**
Apple iOS versions prior to 8
Apple TV versions prior to 7
**Description**
The issue concerns the 802.1X subsystem, which does not enforce strong authentication methods. This allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash.
**Recommendations**
For Apple iOS versions prior to 8, update to version 8 or later to resolve the issue.
For Apple TV versions prior to 7, update to version 7 or later to resolve the issue.