Skip to main content

Watchos CVE-2016-7657

LOW
Improper Input Validation (CWE-20)
2017-02-20 product-security@apple.com
3.3
CVSS 3.0 · NVD

Severity by source

NVD PRIMARY
3.3 LOW
AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Feb 20, 2017 - 08:59 cve.org
LOW 3.3

DescriptionCVE.org

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOKit" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app.

AnalysisAI

An issue was discovered in certain Apple products. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-20. An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOKit" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app. Affected products include: Apple Watchos, Apple Mac Os X, Apple Iphone Os. Version information: before 10.2.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2017-13861 HIGH POC
7.8 Dec 25

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authenticati

CVE-2016-0801 CRITICAL POC
9.8 Feb 07

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01

CVE-2025-31277 HIGH POC
8.8 Jul 30

WebKit memory corruption in Safari 18.6 and multiple Apple platforms allows remote code execution when processing malici

CVE-2016-4669 HIGH POC
7.8 Feb 20

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is low attack comp

CVE-2017-2370 HIGH POC
7.8 Feb 20

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authenticati

CVE-2014-8147 HIGH POC
7.5 May 25

The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in I

CVE-2017-2524 CRITICAL POC
9.8 May 22

An issue was discovered in certain Apple products. Rated critical severity (CVSS 9.8), this vulnerability is remotely ex

CVE-2017-7047 HIGH POC
8.8 Jul 20

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploi

CVE-2015-7112 CRITICAL POC
9.3 Dec 11

The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attacke

CVE-2017-2471 HIGH POC
8.8 Apr 02

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploi

CVE-2022-48618 HIGH
7.0 Jan 09

The issue was addressed with improved checks. Rated high severity (CVSS 7.0). Actively exploited in the wild (cisa kev)

CVE-2022-37434 CRITICAL POC
9.8 Aug 05

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header

Share

CVE-2016-7657 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy