Vulnerabilities > CVE-2016-1766 - Unspecified vulnerability in Apple Iphone OS
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
The Profiles component in Apple iOS before 9.3 does not properly validate certificates, which allows attackers to spoof an MDM profile trust relationship via unspecified vectors.
Vulnerable Configurations
References
- http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
- http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
- http://www.securitytracker.com/id/1035353
- http://www.securitytracker.com/id/1035353
- http://www.zerodayinitiative.com/advisories/ZDI-16-314
- http://www.zerodayinitiative.com/advisories/ZDI-16-314
- https://support.apple.com/HT206166
- https://support.apple.com/HT206166