Timing Bug in iOS Phone Component Allows Unauthorized Access to Secure-Content Screenshots

Timing Bug in iOS Phone Component Allows Unauthorized Access to Secure-Content Screenshots

CVE-2017-7139 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Phone" component. It allows attackers to obtain sensitive information by leveraging a timing bug to read a secure-content screenshot that occurred during a locking action.

Learn more about our Cis Benchmark Audit For Apple Ios.