Lucene search
HistorySep 18, 2014 - 10:55 a.m.
CVE-2014-4367
cve-2014-4367
apple ios
voice dial
upgrade actions
physically proximate attackers
unintended calls
nvd
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
25.0%
Apple iOS before 8 enables Voice Dial during all upgrade actions, which makes it easier for physically proximate attackers to launch unintended calls by speaking a telephone number.
Affected configurations
Node
appleiphone_osRange≤7.1.2
ORappleiphone_osMatch7.0
ORappleiphone_osMatch7.0.1
ORappleiphone_osMatch7.0.2
ORappleiphone_osMatch7.0.3
ORappleiphone_osMatch7.0.4
ORappleiphone_osMatch7.0.5
ORappleiphone_osMatch7.0.6
ORappleiphone_osMatch7.1
ORappleiphone_osMatch7.1.1
Related
nvd
nvd
CVE-2014-4367
2014-09-18 10:55:09
prion
prion
Code injection
2014-09-18 10:55:00
cvelist
cvelist
CVE-2014-4367
2014-09-18 10:00:00
securityvulns
securityvulns
Apple iOS multiple security vulnerabilities
2014-09-21 00:00:00
APPLE-SA-2014-09-17-1 iOS 8
2014-09-21 00:00:00
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
25.0%
Related for CVE-2014-4367