Detections
Analytics

Apple iOS < 9.0 Multiple Vulnerabilities

critical Nessus Plugin ID 85987

Language:

Synopsis

The version of iOS running on the mobile device is affected by multiple vulnerabilities.

Description

The mobile device is running a version of iOS prior to version 9.0. It is, therefore, affected by vulnerabilities in the following components :

 - Apple Pay
 - AppleKeyStore
 - Application Store
 - Audio
 - Certificate Trust Policy
 - CFNetwork
 - CFNetwork Cookies
 - CFNetwork FTPProtocol
 - CFNetwork Proxies
 - CFNetwork SSL
 - CommonCrypto
- CoreAnimation
 - CoreCrypto
 - CoreText
 - Data Detectors Engine
 - Dev Tools
 - Disk Images
 - dyld
 - Game Center
 - ICU
 - IOAcceleratorFamily
 - IOHIDFamily
 - IOKit
 - IOMobileFrameBuffer
 - IOStorageFamily
 - iTunes Store
 - JavaScriptCore
 - Kernel
 - libc
 - libpthread
 - Mail
 - Multipeer Connectivity
 - NetworkExtension
 - OpenSSL
 - PluginKit
 - removefile
 - Safari
 - Safari Safe Browsing
 - Security
 - Siri
 - SpringBoard
 - SQLite
 - tidy
 - WebKit
 - WebKit Canvas
 - WebKit Page Loading

Solution

Upgrade to Apple iOS version 9.0 or later.

See Also

https://support.apple.com/en-us/HT205212

Plugin Details

Severity: Critical

ID: 85987

File Name: apple_ios_90_check.nbin

Version: 1.94

Type: local

Published: 9/17/2015

Updated: 9/4/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2015-5903

Vulnerability Information

CPE: cpe:/o:apple:iphone_os

Required KB Items: mdm/dependency/unlocked

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/16/2015

Vulnerability Publication Date: 9/16/2015

Reference Information

CVE: CVE-2013-3951, CVE-2014-8146, CVE-2014-8611, CVE-2015-0286, CVE-2015-0287, CVE-2015-1129, CVE-2015-1205, CVE-2015-3801, CVE-2015-5522, CVE-2015-5523, CVE-2015-5748, CVE-2015-5764, CVE-2015-5765, CVE-2015-5767, CVE-2015-5788, CVE-2015-5789, CVE-2015-5790, CVE-2015-5791, CVE-2015-5792, CVE-2015-5793, CVE-2015-5794, CVE-2015-5795, CVE-2015-5796, CVE-2015-5797, CVE-2015-5799, CVE-2015-5800, CVE-2015-5801, CVE-2015-5802, CVE-2015-5803, CVE-2015-5804, CVE-2015-5805, CVE-2015-5806, CVE-2015-5807, CVE-2015-5809, CVE-2015-5810, CVE-2015-5811, CVE-2015-5812, CVE-2015-5813, CVE-2015-5814, CVE-2015-5816, CVE-2015-5817, CVE-2015-5818, CVE-2015-5819, CVE-2015-5820, CVE-2015-5821, CVE-2015-5822, CVE-2015-5823, CVE-2015-5824, CVE-2015-5825, CVE-2015-5826, CVE-2015-5827, CVE-2015-5829, CVE-2015-5831, CVE-2015-5832, CVE-2015-5834, CVE-2015-5835, CVE-2015-5837, CVE-2015-5838, CVE-2015-5839, CVE-2015-5840, CVE-2015-5841, CVE-2015-5842, CVE-2015-5843, CVE-2015-5844, CVE-2015-5845, CVE-2015-5846, CVE-2015-5847, CVE-2015-5848, CVE-2015-5850, CVE-2015-5851, CVE-2015-5855, CVE-2015-5856, CVE-2015-5857, CVE-2015-5858, CVE-2015-5859, CVE-2015-5860, CVE-2015-5861, CVE-2015-5862, CVE-2015-5863, CVE-2015-5867, CVE-2015-5868, CVE-2015-5869, CVE-2015-5874, CVE-2015-5876, CVE-2015-5879, CVE-2015-5880, CVE-2015-5882, CVE-2015-5885, CVE-2015-5892, CVE-2015-5895, CVE-2015-5896, CVE-2015-5898, CVE-2015-5899, CVE-2015-5903, CVE-2015-5904, CVE-2015-5905, CVE-2015-5906, CVE-2015-5907, CVE-2015-5912, CVE-2015-5916, CVE-2015-5921

BID: 60440, 71621, 72288, 73225, 73227, 73976, 74457, 75037, 76340, 76763, 76764, 76766

APPLE-SA: APPLE-SA-2015-09-16-1