Condorlab

IOS – Elevation Privilege


Advisory ID
RSN-RA-0022


Vulnerability Information

AppleMobileFileIntegrity in Apple iOS before 10 and OS X before 10.12 mishandles process entitlement and Team ID values in the task port inheritance policy, which allows attackers to execute arbitrary code in a privileged context via a crafted app.


CVSS Base Score

7.8 High


Release Date

2016-11-05


Solutions

RedShift Networks UCTM solution provides the industry’s first complete security solution developed for securing VOIP networks, endpoints and applications. Its dedicated CONDOR labs research team constantly scouts for new attack patterns, advanced penetration testing methods, vulnerabilities identification and roll out of new signatures to subscribed customers on a constant basis. For more information, visit www.redshiftnetworks.com


External Resources

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4698

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4698