Vulnerability Details : CVE-2016-7662
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Security" component, which allows remote attackers to spoof certificates via unspecified vectors.
Products affected by CVE-2016-7662
- cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-7662
0.76%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 79 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-7662
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2016-7662
-
The product does not validate, or incorrectly validates, a certificate.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-7662
-
http://www.securitytracker.com/id/1037469
Apple macOS/OS X Multiple Flaws Let Remote Users Execute Arbitrary Code and Local Users Deny Service and Gain Elevated Privileges - SecurityTracker
-
https://support.apple.com/HT207487
About the security content of watchOS 3.1.3 - Apple SupportVendor Advisory
-
https://support.apple.com/HT207423
About the security content of macOS Sierra 10.12.2, Security Update 2016-003 El Capitan, and Security Update 2016-007 Yosemite - Apple SupportVendor Advisory
-
https://support.apple.com/HT207422
About the security content of iOS 10.2 - Apple SupportVendor Advisory
-
http://www.securityfocus.com/bid/94905
Apple macOS/watchOS/iOS/tvOS Multiple Security VulnerabilitiesThird Party Advisory;VDB Entry
Jump to