Apple iPad Passcode Lock CVE-2011-3440 Local Security Bypass Vulnerability
BID:50640
Info
Apple iPad Passcode Lock CVE-2011-3440 Local Security Bypass Vulnerability
| Bugtraq ID: | 50640 |
| Class: | Access Validation Error |
| CVE: |
CVE-2011-3440 |
| Remote: | No |
| Local: | Yes |
| Published: | Nov 10 2011 12:00AM |
| Updated: | Nov 10 2011 12:00AM |
| Credit: | Apple |
| Vulnerable: |
Apple iPad 0 Apple iOS 5 Apple iOS 4.3.5 Apple iOS 4.3.4 Apple iOS 4.3.3 Apple iOS 4.3.2 Apple iOS 4.3.1 Apple iOS 4.3 |
| Not Vulnerable: |
Apple iOS 5.0.1 |
Discussion
Apple iPad Passcode Lock CVE-2011-3440 Local Security Bypass Vulnerability
Apple iPad is prone to a local security-bypass vulnerability.
An attacker with physical access to the affected device can exploit this issue to access user data not protected by Data Protection feature.
Apple iOS 4.3 through 5.0 for iPad 2 are vulberable.
Apple iPad is prone to a local security-bypass vulnerability.
An attacker with physical access to the affected device can exploit this issue to access user data not protected by Data Protection feature.
Apple iOS 4.3 through 5.0 for iPad 2 are vulberable.
Exploit / POC
Apple iPad Passcode Lock CVE-2011-3440 Local Security Bypass Vulnerability
An attacker requires physical access to exploit the issue.
An attacker requires physical access to exploit the issue.
Solution / Fix
Apple iPad Passcode Lock CVE-2011-3440 Local Security Bypass Vulnerability
Solution:
The vendor released an update. Please see the references for details.
Solution:
The vendor released an update. Please see the references for details.
References
Apple iPad Passcode Lock CVE-2011-3440 Local Security Bypass Vulnerability
References:
References:
- Apple iOS Homepage (Apple)