Bypassing Access Restrictions in Apple's Security Component
CVE-2017-2423 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended access restrictions by leveraging a successful result from a SecKeyRawVerify API call with an empty signature.
Learn more about our Cis Benchmark Audit For Apple Ios.