CVE-2016-7634

Published: Feb 20, 2017Modified: May 13, 2026

4.6

Vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 0.9 / Impact: 3.6

Source: NVD

Description

An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Accessibility" component, which accepts spoken passwords without considering that they are locally audible.

Affected (1)

Products: Apple: Iphone Os

Apple

1 product

Iphone Os

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Apple Iphone Os	Up to 10.1.1

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

http://www.securityfocus.com/bid/94850

Source: product-security@apple.com

http://www.securitytracker.com/id/1037429

Source: product-security@apple.com

https://support.apple.com/HT207422

Source: product-security@apple.com

http://www.securityfocus.com/bid/94850

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1037429

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/HT207422

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.