CVE-2017-14315
moderate-risk
Published 2017-09-12
In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default "Bluetooth On" value must be present in Settings.
Do I need to act?
- 0.78% chance of exploitation (EPSS score — low exploit probability)
- Not on CISA KEV list: No confirmed active exploitation reported to CISA
- Patch status unknown: Check vendor advisories for fix availability and mitigation guidance
CVSS 7.5/10 (High)
ADJACENT_NETWORK / HIGH complexity
Affected Products (20)
Affected Vendors
References (10)
Third Party Advisory
http://www.securityfocus.com/bid/100816
Technical Description
https://www.armis.com/blueborne
45 / 100
moderate-risk
Severity
20/34 · Moderate
Exploitability
3/34 · Minimal
Exposure
22/34 · High