CVE-2014-1360

Published: Jul 1, 2014Modified: May 6, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

Lockdown in Apple iOS before 7.1.2 does not properly verify data from activation servers, which makes it easier for physically proximate attackers to bypass the Activation Lock protection mechanism via unspecified vectors.

Affected (9)

Products: Apple: Iphone Os

1 product

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Apple Iphone Os	Up to 7.1.1
Apple Iphone Os	Version 7.0.1
Apple Iphone Os	Version 7.0.2
Apple Iphone Os	Version 7.0.3
Apple Iphone Os	Version 7.0.4
Apple Iphone Os	Version 7.0.5
Apple Iphone Os	Version 7.0.6
Apple Iphone Os	Version 7.0
Apple Iphone Os	Version 7.1

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html

Source: product-security@apple.com

http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html

Source: product-security@apple.com

http://support.apple.com/kb/HT6441

Source: product-security@apple.com

http://www.securityfocus.com/bid/68276

Source: product-security@apple.com

http://www.securitytracker.com/id/1030500

Source: product-security@apple.com

http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT6441

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/68276

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1030500

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.