Details of VAR-201507-0420

ID

VAR-201507-0420

CVE

CVE-2015-3726

TITLE

Apple iOS of Telephony Vulnerability to execute arbitrary code in subsystem

Trust: 0.8

sources: JVNDB: JVNDB-2015-003433

DESCRIPTION

The Telephony subsystem in Apple iOS before 8.4 allows physically proximate attackers to execute arbitrary code via a crafted (1) SIM or (2) UIM card. Apple iOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, perform unauthorized actions, bypass security restrictions, and perform other attacks. Versions prior to iOS 8.4 are vulnerable. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. Telephony is one of the components that provides telephony functionality

Trust: 1.98

sources: NVD: CVE-2015-3726 // JVNDB: JVNDB-2015-003433 // BID: 75490 // VULHUB: VHN-81687

AFFECTED PRODUCTS

vendor:	apple	model:	iphone os	scope:	lte	version:	8.3	Trust: 1.0
vendor:	apple	model:	ios	scope:	lt	version:	8.4 (ipad 2 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	8.4 (iphone 4s or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	8.4 (ipod touch first 5 after generation )	Trust: 0.8
vendor:	apple	model:	iphone os	scope:	eq	version:	8.3	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3

sources: BID: 75490 // JVNDB: JVNDB-2015-003433 // CNNVD: CNNVD-201507-087 // NVD: CVE-2015-3726

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-3726
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-3726
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201507-087
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-81687
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-3726
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-81687
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-81687 // JVNDB: JVNDB-2015-003433 // CNNVD: CNNVD-201507-087 // NVD: CVE-2015-3726

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-81687 // JVNDB: JVNDB-2015-003433 // NVD: CVE-2015-3726

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201507-087

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201507-087

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-003433

PATCH

title:	APPLE-SA-2015-06-30-1 iOS 8.4	url:	http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html	Trust: 0.8
title:	HT204941	url:	http://support.apple.com/en-us/HT204941	Trust: 0.8
title:	HT204941	url:	http://support.apple.com/ja-jp/HT204941	Trust: 0.8
title:	quicktime7.7.7_installer	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56517	Trust: 0.6
title:	osxupd10.10.4	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56516	Trust: 0.6
title:	iPhone7,1_8.4_12H143_Restore	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56515	Trust: 0.6

sources: JVNDB: JVNDB-2015-003433 // CNNVD: CNNVD-201507-087

EXTERNAL IDS

db:	NVD	id:	CVE-2015-3726	Trust: 2.8
db:	BID	id:	75490	Trust: 1.4
db:	SECTRACK	id:	1032761	Trust: 1.1
db:	JVNDB	id:	JVNDB-2015-003433	Trust: 0.8
db:	CNNVD	id:	CNNVD-201507-087	Trust: 0.7
db:	VULHUB	id:	VHN-81687	Trust: 0.1

sources: VULHUB: VHN-81687 // BID: 75490 // JVNDB: JVNDB-2015-003433 // CNNVD: CNNVD-201507-087 // NVD: CVE-2015-3726

REFERENCES

url:	http://lists.apple.com/archives/security-announce/2015/jun/msg00001.html	Trust: 1.7
url:	http://support.apple.com/kb/ht204941	Trust: 1.7
url:	http://www.securityfocus.com/bid/75490	Trust: 1.1
url:	http://www.securitytracker.com/id/1032761	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3726	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3726	Trust: 0.8
url:	http://www.apple.com/ios/	Trust: 0.3
url:	http://www.apple.com/ipad/	Trust: 0.3
url:	http://www.apple.com/iphone/	Trust: 0.3
url:	http://www.apple.com/ipodtouch/	Trust: 0.3

sources: VULHUB: VHN-81687 // BID: 75490 // JVNDB: JVNDB-2015-003433 // CNNVD: CNNVD-201507-087 // NVD: CVE-2015-3726

CREDITS

Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei from FireEye, Inc, chaithanya (SegFault) working with HP's Zero Day Initiative, WanderingGlitch of HP's Zero Day Initiative, Matt Spisak of Endgame and Brian W. Gray of Carnegie Mellon University, Craig Young from

Trust: 0.3

sources: BID: 75490

SOURCES

db:	VULHUB	id:	VHN-81687
db:	BID	id:	75490
db:	JVNDB	id:	JVNDB-2015-003433
db:	CNNVD	id:	CNNVD-201507-087
db:	NVD	id:	CVE-2015-3726

LAST UPDATE DATE

2025-04-13T19:36:31.162000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-81687	date:	2016-12-30T00:00:00
db:	BID	id:	75490	date:	2015-07-15T00:52:00
db:	JVNDB	id:	JVNDB-2015-003433	date:	2015-07-09T00:00:00
db:	CNNVD	id:	CNNVD-201507-087	date:	2015-07-10T00:00:00
db:	NVD	id:	CVE-2015-3726	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-81687	date:	2015-07-03T00:00:00
db:	BID	id:	75490	date:	2015-06-30T00:00:00
db:	JVNDB	id:	JVNDB-2015-003433	date:	2015-07-09T00:00:00
db:	CNNVD	id:	CNNVD-201507-087	date:	2015-07-03T00:00:00
db:	NVD	id:	CVE-2015-3726	date:	2015-07-03T02:00:17.040