According to its banner, the remote Apple TV device is missing a security update. It is, therefore, affected by the following vulnerabilities :
- There is a flaw in the way that the IOSurface component handles “type confusion” which would allow a remote attacker to execute arbitrary code as a privileged user. (CVE-2015-1061)
- The MobileStorageMounter component allows attackers to create arbitrary filesystem locations. (CVE-2015-1062)
- The Secure Transport component allows remote attackers to downgrade the encryption cipher. (CVE-2015-1067)