CVE-2014-4364
CVE-2014-4364 affects the 802.1X subsystem in Apple iOS before 8 and Apple TV before 7. An attacker can remotely trigger credentials exfiltration by offering LEAP authentication from a crafted Wi‑Fi AP, then perform a cryptographic attack against the MS-CHAPv1 hash to derive credentials. Public r...