Bypassing First-Launch Restrictions in Apple iOS Springboard

Bypassing First-Launch Restrictions in Apple iOS Springboard

CVE-2014-4494 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate for signing a crafted app.

Learn more about our Cis Benchmark Audit For Apple Ios.