CVE-2015-5850 : AppleKeyStore in Apple iOS before 9 allows physically proximate attackers to res

AppleKeyStore in Apple iOS before 9 allows physically proximate attackers to reset the count of incorrect passcode attempts via a device backup.

Published 2015-09-18 11:00:03

Updated 2025-04-12 10:46:41

Source Apple Inc.

View at NVD, CVE.org

Products affected by CVE-2015-5850

Apple » Iphone Os
Versions up to, including, (<=) 8.4.1
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Matching versions

EPSS FAQ

0.07%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 21 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
2.1	LOW	AV:L/AC:L/Au:N/C:N/I:P/A:N	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

http://www.securityfocus.com/bid/76764

Apple iOS APPLE-SA-2015-09-16-1 Multiple Security Vulnerabilities

CVEs referencing this url
http://www.securitytracker.com/id/1033609

Apple iOS Multiple Flaws Let Remote Users Execute Arbitrary Code, Obtain Potentially Sensitive Information, Bypass Security Restrictions, and Deny Service and Let Apps and Local Users Gain Elevated Pr

CVEs referencing this url
http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html

Apple - Lists.apple.com
Vendor Advisory

CVEs referencing this url
https://support.apple.com/HT205212

About the security content of iOS 9 - Apple Support
Vendor Advisory

CVEs referencing this url

Jump to