Vulnerability Details : CVE-2014-1353
Lock Screen in Apple iOS before 7.1.2 does not properly manage the telephony state in Airplane Mode, which allows physically proximate attackers to bypass the lock protection mechanism, and access a certain foreground application, via unspecified vectors.
Products affected by CVE-2014-1353
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:7.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:7.0.4:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:7.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:7.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:7.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:7.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-1353
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 13 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-1353
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
3.6
|
LOW | AV:L/AC:L/Au:N/C:P/I:P/A:N |
3.9
|
4.9
|
NIST |
CWE ids for CVE-2014-1353
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-1353
-
http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html
-
http://www.securityfocus.com/bid/68276
Apple iOS Prior to 7.1.2 Multiple Security Vulnerabilities
-
http://www.securitytracker.com/id/1030500
Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Let Local Applications Gain Elevated Privileges - SecurityTracker
Jump to