Sign-up

ID

VAR-201702-0216


CVE

CVE-2016-7617


TITLE

Apple macOS of Bluetooth Component vulnerable to arbitrary code execution in privileged context

Trust: 0.8

sources: JVNDB: JVNDB-2016-007394

DESCRIPTION

An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (type confusion) via a crafted app. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the handling of the AppleBroadcomBluetoothHostController kext. The issue results from the lack of proper validation of user-supplied data which can result in a type confusion condition. An attacker can leverage this vulnerability to escalate privileges under the context of the kernel. Apple macOS is prone to multiple security vulnerabilities

Trust: 2.61

sources: NVD: CVE-2016-7617 // JVNDB: JVNDB-2016-007394 // ZDI: ZDI-16-644 // BID: 94903 // VULHUB: VHN-96437

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:eqversion:10.12.1

Trust: 1.4

vendor:applemodel:mac os xscope:lteversion:10.12.1

Trust: 1.0

vendor:applemodel:os xscope: - version: -

Trust: 0.7

vendor:applemodel:macosscope:eqversion:10.12.1

Trust: 0.3

vendor:applemodel:macosscope:neversion:10.12.2

Trust: 0.3

sources: ZDI: ZDI-16-644 // BID: 94903 // JVNDB: JVNDB-2016-007394 // CNNVD: CNNVD-201612-490 // NVD: CVE-2016-7617

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-7617
value: HIGH

Trust: 1.0

NVD: CVE-2016-7617
value: HIGH

Trust: 0.8

ZDI: CVE-2016-7617
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-201612-490
value: CRITICAL

Trust: 0.6

VULHUB: VHN-96437
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2016-7617
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2016-7617
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

VULHUB: VHN-96437
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-7617
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: ZDI: ZDI-16-644 // VULHUB: VHN-96437 // JVNDB: JVNDB-2016-007394 // CNNVD: CNNVD-201612-490 // NVD: CVE-2016-7617

PROBLEMTYPE DATA

problemtype:CWE-704

Trust: 1.9

sources: VULHUB: VHN-96437 // JVNDB: JVNDB-2016-007394 // NVD: CVE-2016-7617

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201612-490

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201612-490

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-007394

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-96437

PATCH
title:HT207423url:https://support.apple.com/en-us/HT207423
Trust: 1.5
title:Apple security updatesurl:https://support.apple.com/en-us/HT201222
Trust: 0.8
title:APPLE-SA-2016-12-13-1 macOS 10.12.2url:https://lists.apple.com/archives/security-announce/2016/Dec/msg00003.html
Trust: 0.8
title:HT207423url:https://support.apple.com/ja-jp/HT207423
Trust: 0.8
title:Apple macOS Sierra Bluetooth Fixes for component security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66524
Trust: 0.6
sources:
            
            
            ZDI: ZDI-16-644 // 
            
            
            
            JVNDB: JVNDB-2016-007394 // 
            
            
            
            CNNVD: CNNVD-201612-490

EXTERNAL IDS
db:NVDid:CVE-2016-7617
Trust: 3.5
db:BIDid:94903
Trust: 2.0
db:SECTRACKid:1037469
Trust: 1.1
db:EXPLOIT-DBid:40952
Trust: 1.1
db:JVNid:JVNVU97133642
Trust: 0.8
db:JVNDBid:JVNDB-2016-007394
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-4019
Trust: 0.7
db:ZDIid:ZDI-16-644
Trust: 0.7
db:CNNVDid:CNNVD-201612-490
Trust: 0.7
db:EXPLOIT-DBid:44237
Trust: 0.1
db:PACKETSTORMid:140252
Trust: 0.1
db:VULHUBid:VHN-96437
Trust: 0.1
sources:
            
            
            ZDI: ZDI-16-644 // 
            
            
            
            VULHUB: VHN-96437 // 
            
            
            
            BID: 94903 // 
            
            
            
            JVNDB: JVNDB-2016-007394 // 
            
            
            
            CNNVD: CNNVD-201612-490 // 
            
            
            
            NVD: CVE-2016-7617

REFERENCES
url:http://www.securityfocus.com/bid/94903
Trust: 1.7
url:https://support.apple.com/ht207423
Trust: 1.7
url:https://www.exploit-db.com/exploits/40952/
Trust: 1.1
url:http://www.securitytracker.com/id/1037469
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7617
Trust: 0.8
url:http://jvn.jp/vu/jvnvu97133642/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7617
Trust: 0.8
url:https://support.apple.com/en-us/ht207423
Trust: 0.7
url:https://www.apple.com/
Trust: 0.3
url:http://www.apple.com/macosx/
Trust: 0.3
sources:
            
            
            ZDI: ZDI-16-644 // 
            
            
            
            VULHUB: VHN-96437 // 
            
            
            
            BID: 94903 // 
            
            
            
            JVNDB: JVNDB-2016-007394 // 
            
            
            
            CNNVD: CNNVD-201612-490 // 
            
            
            
            NVD: CVE-2016-7617

CREDITS
Radu Motspan
Trust: 0.7
sources:
            
            
            ZDI: ZDI-16-644

SOURCES
db:ZDIid:ZDI-16-644
db:VULHUBid:VHN-96437
db:BIDid:94903
db:JVNDBid:JVNDB-2016-007394
db:CNNVDid:CNNVD-201612-490
db:NVDid:CVE-2016-7617

LAST UPDATE DATE
2024-11-23T19:30:18.897000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-16-644date:2016-12-15T00:00:00
db:VULHUBid:VHN-96437date:2017-09-03T00:00:00
db:BIDid:94903date:2016-12-20T00:09:00
db:JVNDBid:JVNDB-2016-007394date:2017-02-28T00:00:00
db:CNNVDid:CNNVD-201612-490date:2017-02-28T00:00:00
db:NVDid:CVE-2016-7617date:2024-11-21T02:58:18.687

SOURCES RELEASE DATE
db:ZDIid:ZDI-16-644date:2016-12-15T00:00:00
db:VULHUBid:VHN-96437date:2017-02-20T00:00:00
db:BIDid:94903date:2016-12-13T00:00:00
db:JVNDBid:JVNDB-2016-007394date:2017-02-28T00:00:00
db:CNNVDid:CNNVD-201612-490date:2016-12-15T00:00:00
db:NVDid:CVE-2016-7617date:2017-02-20T08:59:02.697