Details of VAR-201702-0351

ID

VAR-201702-0351

CVE

CVE-2016-4721

TITLE

Apple iOS and OS X of IDS - Connection component spoofing call vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-007468

DESCRIPTION

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "IDS - Connectivity" component, which allows man-in-the-middle attackers to spoof calls via a "switch caller" notification. Apple iOS and Mac OS are prone to multiple security-bypass vulnerabilities. Attackers can exploit these issues to bypass security restrictions and perform unauthorized actions. Both Apple iOS and macOS are operating systems of Apple Inc. in the United States. A security vulnerability exists in the IDS-Connectivity component in Apple iOS versions prior to 10.1 and Apple macOS Sierra versions prior to 10.12.1. An attacker could exploit this vulnerability to trick users who are on a multiparty call into believing they are talking to another party

Trust: 1.98

sources: NVD: CVE-2016-4721 // JVNDB: JVNDB-2016-007468 // BID: 94429 // VULHUB: VHN-93540

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	lte	version:	10.12.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lte	version:	10.0.3	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.12	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	10.1 (ipad first 4 after generation )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	10.1 (iphone 5 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	10.1 (ipod touch first 6 after generation )	Trust: 0.8
vendor:	apple	model:	iphone os	scope:	eq	version:	10.0.3	Trust: 0.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.12.0	Trust: 0.6
vendor:	apple	model:	macos	scope:	eq	version:	10.12	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	50	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	40	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	30	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	macos	scope:	ne	version:	10.12.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	ne	version:	10.1	Trust: 0.3

sources: BID: 94429 // JVNDB: JVNDB-2016-007468 // CNNVD: CNNVD-201611-477 // NVD: CVE-2016-4721

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-4721
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-4721
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201611-477
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-93540
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-4721
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-93540
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-4721
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	2.2
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-93540 // JVNDB: JVNDB-2016-007468 // CNNVD: CNNVD-201611-477 // NVD: CVE-2016-4721

PROBLEMTYPE DATA

problemtype:

CWE-254

Trust: 1.9

sources: VULHUB: VHN-93540 // JVNDB: JVNDB-2016-007468 // NVD: CVE-2016-4721

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201611-477

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201611-477

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-007468

PATCH

title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	APPLE-SA-2016-10-24-2 macOS Sierra 10.12.1	url:	https://lists.apple.com/archives/security-announce/2016/Oct/msg00001.html	Trust: 0.8
title:	APPLE-SA-2016-10-24-1 iOS 10.1	url:	https://lists.apple.com/archives/security-announce/2016/Oct/msg00000.html	Trust: 0.8
title:	HT207275	url:	https://support.apple.com/en-us/HT207275	Trust: 0.8
title:	HT207271	url:	https://support.apple.com/en-us/HT207271	Trust: 0.8
title:	HT207275	url:	https://support.apple.com/ja-jp/HT207275	Trust: 0.8
title:	HT207271	url:	https://support.apple.com/ja-jp/HT207271	Trust: 0.8
title:	Apple iOS and Apple macOS Repair measures for security bypass vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65814	Trust: 0.6

sources: JVNDB: JVNDB-2016-007468 // CNNVD: CNNVD-201611-477

EXTERNAL IDS

db:	NVD	id:	CVE-2016-4721	Trust: 2.8
db:	BID	id:	94429	Trust: 2.0
db:	JVN	id:	JVNVU90743185	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-007468	Trust: 0.8
db:	CNNVD	id:	CNNVD-201611-477	Trust: 0.7
db:	VULHUB	id:	VHN-93540	Trust: 0.1

sources: VULHUB: VHN-93540 // BID: 94429 // JVNDB: JVNDB-2016-007468 // CNNVD: CNNVD-201611-477 // NVD: CVE-2016-4721

REFERENCES

url:	http://www.securityfocus.com/bid/94429	Trust: 1.7
url:	https://support.apple.com/ht207271	Trust: 1.7
url:	https://support.apple.com/ht207275	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4721	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu90743185/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4721	Trust: 0.8
url:	https://support.apple.com/en-in/ht207271	Trust: 0.3
url:	https://support.apple.com/en-in/ht207275	Trust: 0.3
url:	https://www.apple.com/	Trust: 0.3
url:	http://www.apple.com/ios/	Trust: 0.3

sources: VULHUB: VHN-93540 // BID: 94429 // JVNDB: JVNDB-2016-007468 // CNNVD: CNNVD-201611-477 // NVD: CVE-2016-4721

CREDITS

Martin Vigo (@martin_vigo) of salesforce.com and Daniel Jalkut of Red Sweater Software.

Trust: 0.9

sources: BID: 94429 // CNNVD: CNNVD-201611-477

SOURCES

db:	VULHUB	id:	VHN-93540
db:	BID	id:	94429
db:	JVNDB	id:	JVNDB-2016-007468
db:	CNNVD	id:	CNNVD-201611-477
db:	NVD	id:	CVE-2016-4721

LAST UPDATE DATE

2025-04-20T22:55:58.159000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-93540	date:	2017-02-21T00:00:00
db:	BID	id:	94429	date:	2016-11-24T00:14:00
db:	JVNDB	id:	JVNDB-2016-007468	date:	2017-03-01T00:00:00
db:	CNNVD	id:	CNNVD-201611-477	date:	2017-03-07T00:00:00
db:	NVD	id:	CVE-2016-4721	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-93540	date:	2017-02-20T00:00:00
db:	BID	id:	94429	date:	2016-11-21T00:00:00
db:	JVNDB	id:	JVNDB-2016-007468	date:	2017-03-01T00:00:00
db:	CNNVD	id:	CNNVD-201611-477	date:	2016-11-23T00:00:00
db:	NVD	id:	CVE-2016-4721	date:	2017-02-20T08:59:01.243