Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2014-4494

Disclosure Date: January 30, 2015
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate for signing a crafted app.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Additional Info

Technical Analysis