Unauthenticated Local Privilege Escalation in Apple iOS Kext Management

Unauthenticated Local Privilege Escalation in Apple iOS Kext Management

CVE-2013-5145 · MEDIUM Severity

AV:L/AC:M/AU:N/C:N/I:C/A:C

kextd in Kext Management in Apple iOS before 7 does not properly verify authorization for IPC messages, which allows local users to (1) load or (2) unload kernel extensions via a crafted message.

Learn more about our Cis Benchmark Audit For Apple Ios.