PT-2010-5238 · Apple · Ios
Published
2010-12-08
·
Updated
2010-12-09
·
CVE-2010-4012
CVSS v2.0
6.2
Medium
| Vector | AV:L/AC:H/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Apple iOS versions 4.0 through 4.1
Description
A race condition in the affected iOS versions allows physically proximate attackers to bypass the passcode lock. This can be achieved by making a call from the Emergency Call screen and then quickly pressing the Sleep/Wake button.
Recommendations
For Apple iOS versions 4.0 through 4.1, consider disabling the Emergency Call feature as a temporary workaround until a patch is available. Restrict access to the Sleep/Wake button to minimize the risk of exploitation.
Fix
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ios