CVE-2014-1350

Published: Jul 1, 2014Modified: May 6, 2026

4.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 3.9 / Impact: 6.4

Source: NVD

Description

Settings in Apple iOS before 7.1.2 allows physically proximate attackers to bypass an intended iCloud password requirement, and turn off the Find My iPhone service, by leveraging incorrect state management.

Affected (9)

Products: Apple: Iphone Os

Apple

1 product

Iphone Os

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Apple Iphone Os	Up to 7.1.1
Apple Iphone Os	Version 7.0.1
Apple Iphone Os	Version 7.0.2
Apple Iphone Os	Version 7.0.3
Apple Iphone Os	Version 7.0.4
Apple Iphone Os	Version 7.0.5
Apple Iphone Os	Version 7.0.6
Apple Iphone Os	Version 7.0
Apple Iphone Os	Version 7.1

Related CWEs

CWE-264

References (6)

http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html

Source: product-security@apple.com

http://www.securityfocus.com/bid/68276

Source: product-security@apple.com

http://www.securitytracker.com/id/1030500

Source: product-security@apple.com

http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/68276

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1030500

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.