Details of VAR-201306-0345

ID

VAR-201306-0345

CVE

CVE-2013-4616

TITLE

Apple iOS Of preferences generateDefaultPassword Vulnerabilities that can gain access rights in methods

Trust: 0.8

sources: JVNDB: JVNDB-2013-003032

DESCRIPTION

The WifiPasswordController generateDefaultPassword method in Preferences in Apple iOS 6 and earlier relies on the UITextChecker suggestWordInLanguage method for selection of Wi-Fi hotspot WPA2 PSK passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack that leverages the insufficient number of possible passphrases. Apple iOS is prone to an insecure password generation weakness due to an error in the way mobile Wi-Fi hotspot generates default WPA2 passwords. This may aid in further attacks. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. There is a vulnerability in the method of generating DefaultPassword by WifiPasswordController in Preferences in Apple iOS 6 and earlier versions. The vulnerability comes from the fact that the program relies on the UITextChecker suggestWordInLanguage method to select the Wi-Fi hotspot WPA2 PSK password. A remote attacker could exploit this vulnerability through a brute force attack to gain access

Trust: 1.98

sources: NVD: CVE-2013-4616 // JVNDB: JVNDB-2013-003032 // BID: 60616 // VULHUB: VHN-64618

AFFECTED PRODUCTS

vendor:	apple	model:	iphone os	scope:	eq	version:	5.1	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.0	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	1.0.0	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.2	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	5.1.1	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	1.0.2	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.1	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.3	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	1.0.1	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	4.3.2	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	3.2	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	2.2	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	5.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	4.0.2	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	4.3.3	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	4.3.5	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	2.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	4.0.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lte	version:	6.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.4	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.5	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	2.1.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	3.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	4.2.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	2.0.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	3.1.3	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	3.2.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	2.2.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	2.0.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	4.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	4.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	4.2.5	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	2.0.2	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	3.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	3.2.2	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	3.0.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	4.3.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	4.3.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	2.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	4.2.8	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	5.0.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	3.1.2	Trust: 1.0
vendor:	apple	model:	ios	scope:	lte	version:	6	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	7 (ipad 2 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	7 (iphone 4 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	7 (ipod touch first 5 after generation )	Trust: 0.8
vendor:	apple	model:	iphone os	scope:	eq	version:	6.0	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	apple	model:	ios beta	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.3

sources: BID: 60616 // JVNDB: JVNDB-2013-003032 // CNNVD: CNNVD-201306-287 // NVD: CVE-2013-4616

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-4616
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2013-4616
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201306-287
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-64618
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2013-4616
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-64618
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-64618 // JVNDB: JVNDB-2013-003032 // CNNVD: CNNVD-201306-287 // NVD: CVE-2013-4616

PROBLEMTYPE DATA

problemtype:

CWE-255

Trust: 1.9

sources: VULHUB: VHN-64618 // JVNDB: JVNDB-2013-003032 // NVD: CVE-2013-4616

THREAT TYPE

remote ※ local

Trust: 0.6

sources: CNNVD: CNNVD-201306-287

TYPE

trust management

Trust: 0.6

sources: CNNVD: CNNVD-201306-287

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-003032

PATCH

title:	iOS 6	url:	http://www.apple.com/jp/ios/	Trust: 0.8
title:	APPLE-SA-2013-09-18-2	url:	http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html	Trust: 0.8
title:	HT5934	url:	http://support.apple.com/kb/HT5934	Trust: 0.8
title:	HT5934	url:	http://support.apple.com/kb/HT5934?viewlocale=ja_JP	Trust: 0.8

sources: JVNDB: JVNDB-2013-003032

EXTERNAL IDS

db:	NVD	id:	CVE-2013-4616	Trust: 2.8
db:	SECTRACK	id:	1029054	Trust: 1.1
db:	SECUNIA	id:	54886	Trust: 1.1
db:	JVN	id:	JVNVU98681940	Trust: 0.8
db:	JVNDB	id:	JVNDB-2013-003032	Trust: 0.8
db:	CNNVD	id:	CNNVD-201306-287	Trust: 0.7
db:	MLIST	id:	[OWASP-MOBILE-SECURITY-PROJECT] 20130617 CRACKING IOS PERSONAL HOTSPOTS USING A SCRABBLE CROSSWORD GAME WORD LIST	Trust: 0.6
db:	BID	id:	60616	Trust: 0.4
db:	VULHUB	id:	VHN-64618	Trust: 0.1

sources: VULHUB: VHN-64618 // BID: 60616 // JVNDB: JVNDB-2013-003032 // CNNVD: CNNVD-201306-287 // NVD: CVE-2013-4616

REFERENCES

url:	http://lists.owasp.org/pipermail/owasp-mobile-security-project/2013-june/000640.html	Trust: 2.8
url:	http://www1.cs.fau.de/filepool/projects/hotspot/hotspot.pdf	Trust: 2.5
url:	http://www1.cs.fau.de/hotspot	Trust: 2.0
url:	http://lists.apple.com/archives/security-announce/2013/sep/msg00006.html	Trust: 1.4
url:	http://support.apple.com/kb/ht5934	Trust: 1.1
url:	http://www.securitytracker.com/id/1029054	Trust: 1.1
url:	http://secunia.com/advisories/54886	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4616	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu98681940/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4616	Trust: 0.8
url:	http://www.apple.com/iphone/softwareupdate/	Trust: 0.3

sources: VULHUB: VHN-64618 // BID: 60616 // JVNDB: JVNDB-2013-003032 // CNNVD: CNNVD-201306-287 // NVD: CVE-2013-4616

CREDITS

Andreas Kurtz, Daniel Metz, and Felix Freiling

Trust: 0.3

sources: BID: 60616

SOURCES

db:	VULHUB	id:	VHN-64618
db:	BID	id:	60616
db:	JVNDB	id:	JVNDB-2013-003032
db:	CNNVD	id:	CNNVD-201306-287
db:	NVD	id:	CVE-2013-4616

LAST UPDATE DATE

2025-04-11T22:11:17.465000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-64618	date:	2013-10-25T00:00:00
db:	BID	id:	60616	date:	2015-03-19T09:07:00
db:	JVNDB	id:	JVNDB-2013-003032	date:	2013-10-28T00:00:00
db:	CNNVD	id:	CNNVD-201306-287	date:	2013-06-21T00:00:00
db:	NVD	id:	CVE-2013-4616	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-64618	date:	2013-06-18T00:00:00
db:	BID	id:	60616	date:	2013-06-17T00:00:00
db:	JVNDB	id:	JVNDB-2013-003032	date:	2013-06-19T00:00:00
db:	CNNVD	id:	CNNVD-201306-287	date:	2013-06-19T00:00:00
db:	NVD	id:	CVE-2013-4616	date:	2013-06-18T14:55:04.713