Timing Vulnerability in MobileStorageMounter Allows Arbitrary Code Execution in Apple iOS and tvOS

Timing Vulnerability in MobileStorageMounter Allows Arbitrary Code Execution in Apple iOS and tvOS

CVE-2015-7051 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 mishandles the timing of trust-cache loading, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

Learn more about our Cis Benchmark Audit For Apple Ios.