Sign-up

ID

VAR-201209-0378


CVE

CVE-2012-3739


TITLE

Apple iOS 6 Passcode Requirement Vulnerability in Implementation of Passcode Lock with Less Than

Trust: 0.8

sources: JVNDB: JVNDB-2012-004543

DESCRIPTION

The Passcode Lock implementation in Apple iOS before 6 allows physically proximate attackers to bypass an intended passcode requirement via vectors involving use of the camera. Apple iOS for the iPhone, the iPod touch, and the iPad is prone to a security-bypass vulnerability. Successful exploits can allow an attacker with physical access to a vulnerable device to perform unauthorized actions or obtain sensitive information NOTE: This issue was previously discussed in BID 55612 (Apple iPhone/iPad/iPod touch Prior to iOS 6 Multiple Vulnerabilities) but has been given its own record to better document it. Apple iOS is an operating system developed by Apple (Apple) for mobile devices

Trust: 1.98

sources: NVD: CVE-2012-3739 // JVNDB: JVNDB-2012-004543 // BID: 56274 // VULHUB: VHN-57020

AFFECTED PRODUCTS

vendor:applemodel:iphone osscope:eqversion:4.3.5

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:4.3.0

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:4.3.2

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:5.0

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:5.0.1

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:4.2.8

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:4.3.1

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:4.3.3

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:4.2.5

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:3.2

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:1.0.0

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:2.2

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:4.0.2

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:1.1.3

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:2.1

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:1.0.1

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:4.0.1

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:1.1.4

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:1.1.5

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:2.1.1

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:3.1

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:1.1.0

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:1.1.2

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:4.2.1

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:2.0.0

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:3.1.3

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:3.2.1

Trust: 1.0

vendor:applemodel:iphone osscope:lteversion:5.1.1

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:2.2.1

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:2.0.1

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:4.1

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:4.0

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:2.0.2

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:1.1.1

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:3.0

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:3.2.2

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:3.0.1

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:2.0

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:1.0.2

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:3.1.2

Trust: 1.0

vendor:applemodel:iosscope:ltversion:6 (ipad 2 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:6 (iphone 3gs or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:6 (ipod touch no. 4 after generation )

Trust: 0.8

vendor:applemodel:iphone osscope:eqversion:5.1.1

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:3.1.3

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:3.1.2

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:3.1.1

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:0

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:3.1.3

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:3.1.2

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:3.0.1

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:4.3.3

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:4.3.2

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:4.3.1

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:4.3.0

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:4.2.8

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:4.2.5

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:4.2.1

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:4.1

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:4.0.1-

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:4.0.1-

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:4.0-

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:4.0-

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:4.0

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:iphone ipadscope:eqversion:3.2.1-

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:3.2-

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:3.2-

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:3.2

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:3.1.3-

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:3.1.3-

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:3.1.2-

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:3.1.2-

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:3.1-

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:3.1-

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:3.1

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:3.0.1-

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:3.0.1-

Trust: 0.3

vendor:applemodel:iphone ipodtouchscope:eqversion:3.0-

Trust: 0.3

vendor:applemodel:iphone iphonescope:eqversion:3.0-

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:0

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.10

Trust: 0.3

vendor:applemodel:ios betascope:eqversion:4.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.0

Trust: 0.3

sources: BID: 56274 // JVNDB: JVNDB-2012-004543 // CNNVD: CNNVD-201209-460 // NVD: CVE-2012-3739

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-3739
value: LOW

Trust: 1.0

NVD: CVE-2012-3739
value: LOW

Trust: 0.8

CNNVD: CNNVD-201209-460
value: LOW

Trust: 0.6

VULHUB: VHN-57020
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2012-3739
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-57020
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-57020 // JVNDB: JVNDB-2012-004543 // CNNVD: CNNVD-201209-460 // NVD: CVE-2012-3739

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-57020 // JVNDB: JVNDB-2012-004543 // NVD: CVE-2012-3739

THREAT TYPE

local

Trust: 0.9

sources: BID: 56274 // CNNVD: CNNVD-201209-460

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201209-460

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-004543

PATCH
title:APPLE-SA-2012-09-19-1url:http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
Trust: 0.8
title:HT5503url:http://support.apple.com/kb/HT5503
Trust: 0.8
title:HT5503url:http://support.apple.com/kb/HT5503?viewlocale=ja_JP
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2012-004543

EXTERNAL IDS
db:NVDid:CVE-2012-3739
Trust: 2.8
db:JVNDBid:JVNDB-2012-004543
Trust: 0.8
db:CNNVDid:CNNVD-201209-460
Trust: 0.7
db:APPLEid:APPLE-SA-2012-09-19-1
Trust: 0.6
db:BIDid:56274
Trust: 0.4
db:VULHUBid:VHN-57020
Trust: 0.1
sources:
            
            
            VULHUB: VHN-57020 // 
            
            
            
            BID: 56274 // 
            
            
            
            JVNDB: JVNDB-2012-004543 // 
            
            
            
            CNNVD: CNNVD-201209-460 // 
            
            
            
            NVD: CVE-2012-3739

REFERENCES
url:http://lists.apple.com/archives/security-announce/2012/sep/msg00003.html
Trust: 1.7
url:http://support.apple.com/kb/ht5503
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3739
Trust: 0.8
url:http://jvn.jp/cert/jvnvu624491/
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3739
Trust: 0.8
url:http://www.apple.com/iphone/softwareupdate/
Trust: 0.3
url:http://www.apple.com/ipad/
Trust: 0.3
url:http://www.apple.com/iphone/
Trust: 0.3
url:http://www.apple.com/ipodtouch/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-57020 // 
            
            
            
            BID: 56274 // 
            
            
            
            JVNDB: JVNDB-2012-004543 // 
            
            
            
            CNNVD: CNNVD-201209-460 // 
            
            
            
            NVD: CVE-2012-3739

CREDITS
Sebastian Spanninger of the Austrian Federal Computing Centre (BRZ)
Trust: 0.3
sources:
            
            
            BID: 56274

SOURCES
db:VULHUBid:VHN-57020
db:BIDid:56274
db:JVNDBid:JVNDB-2012-004543
db:CNNVDid:CNNVD-201209-460
db:NVDid:CVE-2012-3739

LAST UPDATE DATE
2025-04-11T20:14:46.915000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-57020date:2012-09-21T00:00:00
db:BIDid:56274date:2015-03-19T09:36:00
db:JVNDBid:JVNDB-2012-004543date:2012-09-24T00:00:00
db:CNNVDid:CNNVD-201209-460date:2012-09-24T00:00:00
db:NVDid:CVE-2012-3739date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:VULHUBid:VHN-57020date:2012-09-20T00:00:00
db:BIDid:56274date:2012-09-19T00:00:00
db:JVNDBid:JVNDB-2012-004543date:2012-09-24T00:00:00
db:CNNVDid:CNNVD-201209-460date:2012-09-24T00:00:00
db:NVDid:CVE-2012-3739date:2012-09-20T21:55:04.187