Vulnerability Name:

CVE-2014-4404 (CCN-96111)

Assigned:2014-09-17
Published:2014-09-17
Updated:2019-03-08
Summary:Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
7.7 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
7.7 High (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: APPLE
Type: UNKNOWN
APPLE-SA-2014-09-17-1

Source: APPLE
Type: UNKNOWN
APPLE-SA-2014-09-17-2

Source: APPLE
Type: UNKNOWN
APPLE-SA-2014-10-16-1

Source: MITRE
Type: CNA
CVE-2014-4404

Source: APPLE
Type: Vendor Advisory
APPLE-SA-2015-04-08-2

Source: CCN
Type: Apple Web site
About the security content of iOS 8

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT6441

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT6442

Source: BID
Type: UNKNOWN
69882

Source: CCN
Type: BID-69882
RETIRED: Apple iOS Prior to iOS 8 and TV Prior to TV 7 Multiple Vulnerabilities

Source: BID
Type: UNKNOWN
69947

Source: CCN
Type: BID-69947
Apple TV and iOS CVE-2014-4404 Heap Based Buffer Overflow Vulnerability

Source: SECTRACK
Type: UNKNOWN
1030866

Source: XF
Type: UNKNOWN
appleios-cve20144404-bo(96111)

Source: XF
Type: UNKNOWN
appleios-cve20144404-bo(96111)

Source: CCN
Type: Packet Storm Security [12-02-2014]
Mac OS X IOKit Keyboard Driver Root Privilege Escalation

Source: CONFIRM
Type: Vendor Advisory
https://support.apple.com/HT204659

Source: CONFIRM
Type: UNKNOWN
https://support.apple.com/kb/HT6535

Source: CCN
Type: CYBERSECURITY & INFRASTRUCTURE SECURITY AGENCY
KNOWN EXPLOITED VULNERABILITIES CATALOG

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [12-02-2014]

Vulnerable Configuration:Configuration 1:
  • cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:* (Version <= 10.0.2)

    • Configuration 2:
  • cpe:/o:apple:tvos:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:tvos:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:tvos:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:tvos:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:tvos:6.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:tvos:6.1.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:tvos:*:*:*:*:*:*:*:* (Version <= 6.2)

    • Configuration 3:
  • cpe:/o:apple:ios:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:ios:7.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:ios:7.0.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:ios:7.0.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:ios:7.0.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:ios:7.0.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:ios:7.0.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:ios:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:ios:7.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:*:*:*:*:*:*:*:* (Version <= 7.1.2)

    • Configuration CCN 1:
  • cpe:/o:apple:ios:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:ios:7.0.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:ios:7.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:tvos:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:tvos:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:ios:7.0.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:ios:7.0.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:ios:7.0.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:ios:7.0.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:ios:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:tvos:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:tvos:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:ios:7.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:tvos:6.1.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:tvos:6.1.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    apple mac os x *
    apple tvos 6.0
    apple tvos 6.0.1
    apple tvos 6.0.2
    apple tvos 6.1
    apple tvos 6.1.1
    apple tvos 6.1.2
    apple tvos *
    apple iphone os 7.0
    apple iphone os 7.0.1
    apple iphone os 7.0.2
    apple iphone os 7.0.3
    apple iphone os 7.0.4
    apple iphone os 7.0.5
    apple iphone os 7.0.6
    apple iphone os 7.1
    apple iphone os 7.1.1
    apple iphone os *
    apple ios 7.0
    apple ios 7.0.2
    apple ios 7.0.1
    apple tvos 6.0
    apple tvos 6.1
    apple ios 7.0.6
    apple ios 7.0.5
    apple ios 7.0.4
    apple ios 7.0.3
    apple ios 7.1
    apple tvos 6.0.2
    apple tvos 6.0.1
    apple ios 7.1.1
    apple tvos 6.1.2
    apple tvos 6.1.1