Remote Code Execution via Quick Look in iOS 10.3 and earlier

Remote Code Execution via Quick Look in iOS 10.3 and earlier

CVE-2017-2404 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Quick Look" component. It allows remote attackers to trigger telephone calls to arbitrary numbers via a tel: URL in a PDF document, as exploited in the wild in October 2016.

Learn more about our Cis Benchmark Audit For Apple Ios.