Detections
Analytics
Apple iOS < 11.4 Multiple Vulnerabilities (EFAIL)
high Nessus Plugin ID 110398
Language:
Synopsis
The version of Apple iOS running on the mobile device is affected by multiple vulnerabilities.Description
The version of Apple iOS running on the mobile device is prior to 11.4. It is, therefore, affected by multiple vulnerabilities.Solution
Upgrade to Apple iOS version 11.4 or later.See Also
https://support.apple.com/en-us/HT208848
Plugin Details
Severity: High
ID: 110398
File Name: apple_ios_114_check.nbin
Version: 1.62
Type: local
Family: Mobile Devices
Published: 6/7/2018
Updated: 9/24/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.4
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 8.1
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2018-4404
CVSS v3
Risk Factor: High
Base Score: 8.8
Temporal Score: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
CVSS Score Source: CVE-2018-4246
Vulnerability Information
CPE: cpe:/o:apple:iphone_os
Required KB Items: mdm/dependency/unlocked
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 6/1/2018
Vulnerability Publication Date: 6/1/2018
Exploitable With
Metasploit (Safari Proxy Object Type Confusion)
Reference Information
CVE: CVE-2018-4100, CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4194, CVE-2018-4198, CVE-2018-4199, CVE-2018-4201, CVE-2018-4202, CVE-2018-4204, CVE-2018-4211, CVE-2018-4214, CVE-2018-4215, CVE-2018-4218, CVE-2018-4221, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4238, CVE-2018-4239, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4244, CVE-2018-4246, CVE-2018-4247, CVE-2018-4249, CVE-2018-4250, CVE-2018-4252, CVE-2018-4330, CVE-2018-4404, CVE-2018-5383
BID: 102772, 103961, 104366, 104378, 104879, 104888, 104889, 104897, 105384
APPLE-SA: APPLE-SA-2018-06-01-4