PT-2017-17528 · Apple · Ios

Don Sparks

Published

2017-10-23

Updated

2019-10-03

CVE-2017-7133

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions iOS versions prior to 11

Description The issue involves the MobileBackup component and allows remote attackers to obtain sensitive cleartext information in certain circumstances by leveraging read access to a backup archive that was supposed to have been encrypted.

Recommendations For iOS versions prior to 11, update to version 11 or later to resolve the issue. As a temporary workaround, consider restricting access to backup archives to minimize the risk of exploitation.

Fix

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319

Related Identifiers

CVE-2017-7133

Affected Products

Ios

PT-2017-17528 · Apple · Ios

CVE-2017-7133

Weakness Enumeration

Related Identifiers

Affected Products

References · 5