VARIoT IoT vulnerabilities database

The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic to be disrupted or failover initiated when a malformed, signed SAML authentication request from an authenticated user is sent via the SP connector. F5 BIG-IP APM Contains an input validation vulnerability.Service operation interruption (DoS) An attack may be carried out. F5BIG-IP is a load balancer that uses a variety of allocation algorithms to distribute network requests to available servers in a server cluster. By managing incoming web data traffic and increasing effective network bandwidth, network visitors get as much as possible. The hardware device for the best networking experience. A denial of service vulnerability exists in F5BIG-IPAPM. A remote attacker could exploit this vulnerability to cause the service to restart, resulting in a denial of service condition. F5 BIG-IP APM is prone to a remote denial-of-service vulnerability. F5 BIG-IP APM is a set of access and security solutions from F5 Corporation of the United States. The solution provides unified access to business-critical applications and networks. TMM SSO is one of the single sign-on plug-ins used to execute the traffic management service process. An attacker could exploit this vulnerability to temporarily disrupt traffic with malformed and signed SAML authentication requests. The following products and versions are affected: F5 BIG-IP APM version 12.0.0 to version 12.1.1; version 11.6.0 to version 11.6.1 HF1; version 11.5.4 to version 11.5.4 HF2

Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass. An attacker can bypass the Phone Finder by special steps and obtain the owner of the phone. Mate 9 Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HuaweiMate9 is a smartphone from China's Huawei (huawei) company. PhoneFinder is one of the security mechanisms. It is mainly used to ensure that the phone will not be flashed or restored after the phone is lost or stolen

Some Huawei mobile phones Honor 6X Berlin-L22C636B150 and earlier versions have a Bluetooth unlock bypassing vulnerability. If a user has enabled the smart unlock function, an attacker can impersonate the user's Bluetooth device to unlock the user's mobile phone screen.uawei mobile phones have a Bluetooth unlock bypassing vulnerability due to the lack of validation on Bluetooth devices. If a user has enabled the smart unlock function, an attacker can impersonate the user's Bluetooth device to unlock the user's mobile phone screen. Huawei smartphone Honor 6X Contains vulnerabilities related to security features.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HuaweiHonor6X is a smartphone from China's Huawei company. Multiple Huawei Honor are prone to a local security-bypass vulnerability. An attacker may exploit this issue to bypass certain security restrictions. Huawei Honor6X Berlin-L22C636B150 and prior versions are affected

Stack-based buffer overflow in the firmware in Broadcom Wi-Fi HardMAC SoC chips, when the firmware supports CCKM Fast and Secure Roaming and the feature is enabled in RAM, allows remote attackers to execute arbitrary code via a crafted reassociation response frame with a Cisco IE (156). Broadcom BCM4339 SoC is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to run arbitrary code within the context of the affected application. Failed exploit attempts may result in denial-of-service conditions. BCM4339 6.37.34.40 is vulnerable; other versions may also be vulnerable. Broadcom: Stack buffer overflow when parsing CCKM reassociation response CVE-2017-6957 Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. In order to allow fast roaming between access points in a wireless network, the Broadcom firmware supports Cisco's "CCKM Fast and Secure Roaming" feature, allowing a client to roam to a new AP quickly. Note this is a different implementation to IEEE 802.11r-2008 FT. When a client decides to roam to a different AP in a CCKM network, they first send a reassociation request to the AP containing a Cisco-specific information element. This AP responds by sending a reassociation response frame also containing a Cisco-specific IE (156). This IE is then parsed by the firmware in order to make sure it is valid, before completing the reassociation process. A packet capture containing this process can be found here: <a href="https://mrncciew.files.wordpress.com/2014/09/7921-cckm-roaming-to-lap1.zip" title="" class="" rel="nofollow">https://mrncciew.files.wordpress.com/2014/09/7921-cckm-roaming-to-lap1.zip</a> On the BCM4339 SoC with firmware version 6.37.34.40 the reassociation response in handled by ROM function 0x78D04. This function first retrieves the Cisco-specific IE. Then, it proceeds to check that the IE is valid, by calling function 0x794F8. This function performs four validations: 1. Bytes [2:4] of the IE match Cisco's OUI (00-40-96) 2. Byte 5 of the IE is zero 3. (IE[20] | (IE[21] << 8)) + 30 == IE[1] + 2 (where IE[1] is the IE's length field) 4. Bytes [6:9] of the IE match bytes [14:17] of the IE in the reassociation request (see packet capture) If the IE passes the checks described above, the function proceeds to call ROM function 0x79390. This function unpacks data from the IE, and has approximately the following high-level logic: 1. void function_79390(void* unk, char* ie, char* buf) { 2. char buffer[128]; 3. memcpy(buffer, ..., 6); buffer += 6; 4. 5. memcpy(buffer, ie + 6, 4); buffer += 4; 6. *buffer = ie[10]; buffer += 1; 7. *buffer = ie[11]; buffer += 1; 8. memcpy(buffer, ie + 12, 8); buffer += 8; 9. memcpy(buffer, ie + 20, 2); buffer += 2; 10. memcpy(buffer, ie + 30, ie[20] | (ie[21] << 8)); 11. 12. } As can be seen above, line 10 performs a memcpy into the stack-allocated buffer ("buffer"), using the value "ie[20] | (ie[21] << 8)" as the length field. However, as we've previously seen, the only validation performed on these two bytes is that: (ie[20] | (ie[21] << 8)) + 30 == ie[1] + 2 This means an attacker could craft a reassociation response frame containing a Cisco IE (156) as follows: 1. IE[2:4] = 0x00 0x40 0x96 2. IE[5] = 0 3. IE[20] | (IE[21] << 8) = 227 4. IE[1] = 255 5. IE[6:9] = REQIE[14:17] This IE satisfies all the constraints validated by function 0x794F8. However, when the IE is the passed into function 0x79390, it will cause memcpy operation at line 10 in the code above to exceed the buffer's bounds, trigger a stack buffer overflow with attacker controlled data. It should be noted that there is no stack cookie mitigation in the BCM4339 firmware, meaning an attacker would not require an additional vulnerability primitive in order to gain code execution using this vulnerability. I've verified this vulnerability statically on the BCM4339 chip with firmware version 6.37.34.40 (as present on the Nexus 5). However, I believe this vulnerability's scope includes a wider range of Broadcom SoCs and versions. This bug is subject to a 90 day disclosure deadline. If 90 days elapse without a broadly available patch, then the bug report will automatically become visible to the public. Found by: laginimaineb

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted Office document. Apple macOS High Sierra is a set of dedicated operating systems developed by Apple (Apple) for Mac computers. A security vulnerability exists in the Quick Look component of Apple macOS High Sierra prior to 10.13.1

Huawei Hilink APP Versions earlier before 5.0.25.306 has an information leak vulnerability. An attacker may trick a user into installing a malicious application and application can access Hilink APP data. Huawei Hilink APP for IOS is a unified management platform application for network connection terminals based on the IOS platform of China Huawei (Huawei)

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Mail" component. It allows remote attackers to bypass an intended off value of the "Load remote content in messages" setting, and consequently discover an e-mail recipient's IP address, via an HTML email message. Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code or bypass security restrictions and perform unauthorized actions. Failed exploit attempts will likely cause a denial-of-service condition. Apple macOS High Sierra is a set of dedicated operating systems developed by Apple (Apple) for Mac computers. An attacker could exploit this vulnerability to determine the recipient's IP address

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Keyboard Suggestions" component. It allows attackers to obtain sensitive information by reading keyboard autocorrect suggestions. Apple iOS is prone to multiple security vulnerabilities. Versions prior to Apple iOS 11 are vulnerable

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Phone" component. It allows attackers to obtain sensitive information by leveraging a timing bug to read a secure-content screenshot that occurred during a locking action. Apple iOS of Phone Components contain vulnerabilities that can capture important information.An attacker could get important information by taking advantage of a timing bug that allows screenshots of secure content during lock operations. Apple iOS is prone to multiple security vulnerabilities. Versions prior to Apple iOS 11 are vulnerable. An attacker could exploit this vulnerability to read screenshots containing secure content

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Directory Utility" component. It allows local users to discover the Apple ID of the computer's owner. Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code or bypass security restrictions and perform unauthorized actions. Failed exploit attempts will likely cause a denial-of-service condition. Apple macOS High Sierra is a set of dedicated operating systems developed by Apple (Apple) for Mac computers

An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. Apple Xcode is prone to multiple memory corruption vulnerabilities. Failed exploit attempts may result in a denial-of-service condition. Versions prior to Xcode 9 are vulnerable. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. ld64 is one of the linker components. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-09-19-3 Xcode 9 Xcode 9 is now available and addresses the following: Git Available for: macOS Sierra 10.12.6 or later Impact: Checking out a maliciously crafted repository may lead to arbitrary code execution Description: An ssh:// URL scheme handling issue was addressed through improved input validation. CVE-2017-7076: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-7134: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-7135: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-7136: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-7137: riusksk (ae3aY=) of Tencent Security Platform Department subversion Available for: macOS Sierra 10.12.6 or later Impact: Checking out a maliciously crafted repository may lead to arbitrary code execution Description: An input validation issue was addressed through improved input validation. CVE-2017-9800 Installation note: Xcode 9 may be obtained from: https://developer.apple.com/xcode/downloads/ To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "9". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZwVI5AAoJEIOj74w0bLRG//MQAMZhTTHk4DQEuoWwW7U63c+R TVo7gRf4AVVQWJ+4FU4fT/I0l8IuxhTOfG14+sumHtsOIQV0evsAGeA9k4+RAgo8 N1DIJ3mZxYobd8KfP0DXt8fX4yfjYtLmTDJqMRvGZ6765UK+ctRQYCuN/+TWR0BM CyU6UqVQVhN+Z/Lgg8CnK2KTFbykMCHgZ7EYrwIhY3z9SvOiFCakXxUlZkLcziov 7Mkr/BKv6YlMVB+r/keuifLn2fOxa51Ic+k/n1Vb5wBmOEA2DH0w8NaBJeA/aPNd Cgwj750S0gjPG7Zk/IAOy17TJJzor2Ewrvb6wNQB5zzb32TScw58mOzydyLg0jBl j0D1k7d2+f31utzkT9gcvkq6490HginWdmUzwXuZV8dMz/Bwc4dJlF7u9gXBGrZe SymSagb28TxFVZHHO7nOVuydmafgB4tSJ9yQq4vASDbOso0pScPuAw6FhpPBaKb+ IiLpYJOOO2pJpSfgq0Z3U/rV7X2WBGcRJoJLYNXVQyyyCEXmMIAzEurn3nXUh75f LKMZxT1i3Q37KfSxOmx3o7bh9MeE3/FrZQsYRFunCAESAxn3s+JoF+EMXSjC0k5V t5mz1t+qaPkI1cQYXRxi/PwfcXUqNtXwdngrr3dVXqL8V+Yx9oVWQiC1OB60aP4i qcRPihCW7/qqjks6q8Ew =Bzk4 -----END PGP SIGNATURE-----

An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. Apple Xcode is prone to multiple memory corruption vulnerabilities. Failed exploit attempts may result in a denial-of-service condition. Versions prior to Xcode 9 are vulnerable. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. ld64 is one of the linker components. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-09-19-3 Xcode 9 Xcode 9 is now available and addresses the following: Git Available for: macOS Sierra 10.12.6 or later Impact: Checking out a maliciously crafted repository may lead to arbitrary code execution Description: An ssh:// URL scheme handling issue was addressed through improved input validation. CVE-2017-7076: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-7134: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-7135: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-7136: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-7137: riusksk (ae3aY=) of Tencent Security Platform Department subversion Available for: macOS Sierra 10.12.6 or later Impact: Checking out a maliciously crafted repository may lead to arbitrary code execution Description: An input validation issue was addressed through improved input validation. CVE-2017-9800 Installation note: Xcode 9 may be obtained from: https://developer.apple.com/xcode/downloads/ To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "9". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZwVI5AAoJEIOj74w0bLRG//MQAMZhTTHk4DQEuoWwW7U63c+R TVo7gRf4AVVQWJ+4FU4fT/I0l8IuxhTOfG14+sumHtsOIQV0evsAGeA9k4+RAgo8 N1DIJ3mZxYobd8KfP0DXt8fX4yfjYtLmTDJqMRvGZ6765UK+ctRQYCuN/+TWR0BM CyU6UqVQVhN+Z/Lgg8CnK2KTFbykMCHgZ7EYrwIhY3z9SvOiFCakXxUlZkLcziov 7Mkr/BKv6YlMVB+r/keuifLn2fOxa51Ic+k/n1Vb5wBmOEA2DH0w8NaBJeA/aPNd Cgwj750S0gjPG7Zk/IAOy17TJJzor2Ewrvb6wNQB5zzb32TScw58mOzydyLg0jBl j0D1k7d2+f31utzkT9gcvkq6490HginWdmUzwXuZV8dMz/Bwc4dJlF7u9gXBGrZe SymSagb28TxFVZHHO7nOVuydmafgB4tSJ9yQq4vASDbOso0pScPuAw6FhpPBaKb+ IiLpYJOOO2pJpSfgq0Z3U/rV7X2WBGcRJoJLYNXVQyyyCEXmMIAzEurn3nXUh75f LKMZxT1i3Q37KfSxOmx3o7bh9MeE3/FrZQsYRFunCAESAxn3s+JoF+EMXSjC0k5V t5mz1t+qaPkI1cQYXRxi/PwfcXUqNtXwdngrr3dVXqL8V+Yx9oVWQiC1OB60aP4i qcRPihCW7/qqjks6q8Ew =Bzk4 -----END PGP SIGNATURE-----

An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. Apple Xcode is prone to multiple memory corruption vulnerabilities. Failed exploit attempts may result in a denial-of-service condition. Versions prior to Xcode 9 are vulnerable. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. ld64 is one of the linker components. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-09-19-3 Xcode 9 Xcode 9 is now available and addresses the following: Git Available for: macOS Sierra 10.12.6 or later Impact: Checking out a maliciously crafted repository may lead to arbitrary code execution Description: An ssh:// URL scheme handling issue was addressed through improved input validation. CVE-2017-7076: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-7134: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-7135: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-7136: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-7137: riusksk (ae3aY=) of Tencent Security Platform Department subversion Available for: macOS Sierra 10.12.6 or later Impact: Checking out a maliciously crafted repository may lead to arbitrary code execution Description: An input validation issue was addressed through improved input validation. CVE-2017-9800 Installation note: Xcode 9 may be obtained from: https://developer.apple.com/xcode/downloads/ To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "9". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZwVI5AAoJEIOj74w0bLRG//MQAMZhTTHk4DQEuoWwW7U63c+R TVo7gRf4AVVQWJ+4FU4fT/I0l8IuxhTOfG14+sumHtsOIQV0evsAGeA9k4+RAgo8 N1DIJ3mZxYobd8KfP0DXt8fX4yfjYtLmTDJqMRvGZ6765UK+ctRQYCuN/+TWR0BM CyU6UqVQVhN+Z/Lgg8CnK2KTFbykMCHgZ7EYrwIhY3z9SvOiFCakXxUlZkLcziov 7Mkr/BKv6YlMVB+r/keuifLn2fOxa51Ic+k/n1Vb5wBmOEA2DH0w8NaBJeA/aPNd Cgwj750S0gjPG7Zk/IAOy17TJJzor2Ewrvb6wNQB5zzb32TScw58mOzydyLg0jBl j0D1k7d2+f31utzkT9gcvkq6490HginWdmUzwXuZV8dMz/Bwc4dJlF7u9gXBGrZe SymSagb28TxFVZHHO7nOVuydmafgB4tSJ9yQq4vASDbOso0pScPuAw6FhpPBaKb+ IiLpYJOOO2pJpSfgq0Z3U/rV7X2WBGcRJoJLYNXVQyyyCEXmMIAzEurn3nXUh75f LKMZxT1i3Q37KfSxOmx3o7bh9MeE3/FrZQsYRFunCAESAxn3s+JoF+EMXSjC0k5V t5mz1t+qaPkI1cQYXRxi/PwfcXUqNtXwdngrr3dVXqL8V+Yx9oVWQiC1OB60aP4i qcRPihCW7/qqjks6q8Ew =Bzk4 -----END PGP SIGNATURE-----

An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. Apple Xcode is prone to multiple memory corruption vulnerabilities. Failed exploit attempts may result in a denial-of-service condition. Versions prior to Xcode 9 are vulnerable. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. ld64 is one of the linker components. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-09-19-3 Xcode 9 Xcode 9 is now available and addresses the following: Git Available for: macOS Sierra 10.12.6 or later Impact: Checking out a maliciously crafted repository may lead to arbitrary code execution Description: An ssh:// URL scheme handling issue was addressed through improved input validation. CVE-2017-7076: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-7134: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-7135: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-7136: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-7137: riusksk (ae3aY=) of Tencent Security Platform Department subversion Available for: macOS Sierra 10.12.6 or later Impact: Checking out a maliciously crafted repository may lead to arbitrary code execution Description: An input validation issue was addressed through improved input validation. CVE-2017-9800 Installation note: Xcode 9 may be obtained from: https://developer.apple.com/xcode/downloads/ To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "9". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZwVI5AAoJEIOj74w0bLRG//MQAMZhTTHk4DQEuoWwW7U63c+R TVo7gRf4AVVQWJ+4FU4fT/I0l8IuxhTOfG14+sumHtsOIQV0evsAGeA9k4+RAgo8 N1DIJ3mZxYobd8KfP0DXt8fX4yfjYtLmTDJqMRvGZ6765UK+ctRQYCuN/+TWR0BM CyU6UqVQVhN+Z/Lgg8CnK2KTFbykMCHgZ7EYrwIhY3z9SvOiFCakXxUlZkLcziov 7Mkr/BKv6YlMVB+r/keuifLn2fOxa51Ic+k/n1Vb5wBmOEA2DH0w8NaBJeA/aPNd Cgwj750S0gjPG7Zk/IAOy17TJJzor2Ewrvb6wNQB5zzb32TScw58mOzydyLg0jBl j0D1k7d2+f31utzkT9gcvkq6490HginWdmUzwXuZV8dMz/Bwc4dJlF7u9gXBGrZe SymSagb28TxFVZHHO7nOVuydmafgB4tSJ9yQq4vASDbOso0pScPuAw6FhpPBaKb+ IiLpYJOOO2pJpSfgq0Z3U/rV7X2WBGcRJoJLYNXVQyyyCEXmMIAzEurn3nXUh75f LKMZxT1i3Q37KfSxOmx3o7bh9MeE3/FrZQsYRFunCAESAxn3s+JoF+EMXSjC0k5V t5mz1t+qaPkI1cQYXRxi/PwfcXUqNtXwdngrr3dVXqL8V+Yx9oVWQiC1OB60aP4i qcRPihCW7/qqjks6q8Ew =Bzk4 -----END PGP SIGNATURE-----

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "MobileBackup" component. It allows remote attackers to obtain sensitive cleartext information in opportunistic circumstances by leveraging read access to a backup archive that was supposed to have been encrypted. Apple iOS is prone to multiple security vulnerabilities. Successful exploits will allow attackers to perform unauthorized actions, or cause denial-of-service conditions; other attacks may also be possible. Versions prior to Apple iOS 11 are vulnerable. MobileBackup is one of the system backup components. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-09-19-1 iOS 11 iOS 11 is now available and addresses the following: Exchange ActiveSync Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to erase a device during Exchange account setup Description: A validation issue existed in AutoDiscover V1. This issue was addressed through requiring TLS. CVE-2017-7088: Ilya Nesterov, Maxim Goncharov iBooks Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-2017-7072: JAdrzej Krysztofiak Mail MessageUI Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted image may lead to a denial of service Description: A memory corruption issue was addressed with improved validation. CVE-2017-7097: Xinshu Dong and Jun Hao Tan of Anquan Capital Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted image may lead to a denial of service Description: A denial of service issue was addressed through improved validation. CVE-2017-7118: Kiki Jiang and Jason Tokoph MobileBackup Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Backup may perform an unencrypted backup despite a requirement to perform only encrypted backups Description: A permissions issue existed. This issue was addressed with improved permission validation. CVE-2017-7133: Don Sparks of HackediOS.com Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2017-7085: xisigr of Tencent's Xuanwu Lab (tencent.com) WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue existed in the handling of the parent-tab. This issue was addressed with improved state management. CVE-2017-7089: Anton Lopanitsyn of ONSEC, Frans RosA(c)n of Detectify WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2017-7106: Oliver Paukstadt of Thinking Objects GmbH (to.com) Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "11". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZwVI3AAoJEIOj74w0bLRGSncQAMxcG5XB4dncEVU3cTFGO0e/ LVQJzWpK50Lwr7kM+1CV3Nh9oa9b6+3f2hh9vYJ34OHPJbUEasqrZmAFiDjbJoZn 46e34Rxwk7+oGXSFUS15SEAxAsctTCG3redczoZy/7k75q1z/lq1KZPD9WKCoieP m30OuTsEy3x9UZpJ5xcGJXTCy1LE6kFeGtcNBc7T2JBDXR2Y/4inQvIqhhj15Cg+ o6kvRVcUIysDTbeEB2WNRWQn6uKWw/Gl0eg9wei2dMzkbNUIEOSVhPoOCrnLLkQb Ud/YpIYCDn8Uy9on9bnVRa8ZOg0Yx52tuZJ920vu4+8xnSyBvkmSy7AtSU9IZ5SW QLHYuDSECo+nW7xPuFHce2KkUHcZrzAHKpJBGpruq2IX7Vfz5/1w0YJU93pwj5Sy A68JREYoThj/Ath+nPZAvUXUHR0sLXgRlBWUfwo1UsXt4lsVy+b7b0wQP/wX1atz 6/c72oChTp5c8VWlfajHadC6EmLRuBYoLW8HxlemyWU+RZDNjMMb11ytL/vg+VOL 51u+BjCs/6BIJI6+mirfG+XK/DVjStgy5W3atup5yEJXy8ouWyBT4vi1PJgjqQOh 0s4G3yE0J38pvtbCFtSb7VOJBh4ocFz7ggeZ5Z3tSQsawtSlcTfl3+93rJ87yRQG 4UIRwN/cWfzukSyrDAis =ufig -----END PGP SIGNATURE-----

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive Contact card information via a crafted app. Apple iOS is prone to multiple security vulnerabilities. Versions prior to Apple iOS 11 are vulnerable. An attacker could exploit this vulnerability with a specially crafted application to access restricted files

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. SQLite is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. SQLite 3.19.3 and prior are vulnerable. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system. SQLite is one of the C-language-based open source embedded relational database management components developed by American software developer D.Richard Hipp. A security vulnerability exists in versions of the SQLite component prior to 3.19.3 in several Apple products. The following products and versions are affected: Apple macOS prior to 10.13 High Sierra; prior to iOS 11; prior to tvOS 11; prior to watchOS 4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-09-25-5 Additional information for APPLE-SA-2017-09-20-2 watchOS 4 watchOS 4 addresses the following: CFNetwork Proxies Available for: All Apple Watch models Impact: An attacker in a privileged network position may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-2017-7083: Abhinav Bansal of Zscaler Inc. Entry added September 25, 2017 CoreAudio Available for: All Apple Watch models Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed by updating to Opus version 1.1.4. CVE-2017-0381: V.E.O (@VYSEa) of Mobile Threat Research Team, Trend Micro Entry added September 25, 2017 Kernel Available for: All Apple Watch models Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7114: Alex Plaskett of MWR InfoSecurity Entry added September 25, 2017 libc Available for: All Apple Watch models Impact: A remote attacker may be able to cause a denial-of-service Description: A resource exhaustion issue in glob() was addressed through an improved algorithm. CVE-2017-7086: Russ Cox of Google Entry added September 25, 2017 libc Available for: All Apple Watch models Impact: An application may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2017-1000373 Entry added September 25, 2017 libexpat Available for: All Apple Watch models Impact: Multiple issues in expat Description: Multiple issues were addressed by updating to version 2.2.1 CVE-2016-9063 CVE-2017-9233 Entry added September 25, 2017 Security Available for: All Apple Watch models Impact: A revoked certificate may be trusted Description: A certificate validation issue existed in the handling of revocation data. This issue was addressed through improved validation. CVE-2017-7080: an anonymous researcher, Sven Driemecker of adesso mobile solutions gmbh, an anonymous researcher, Rune Darrud (@theflyingcorpse) of BA|rum kommune Entry added September 25, 2017 SQLite Available for: All Apple Watch models Impact: Multiple issues in SQLite Description: Multiple issues were addressed by updating to version 3.19.3. CVE-2017-10989: found by OSS-Fuzz CVE-2017-7128: found by OSS-Fuzz CVE-2017-7129: found by OSS-Fuzz CVE-2017-7130: found by OSS-Fuzz Entry added September 25, 2017 SQLite Available for: All Apple Watch models Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7127: an anonymous researcher Entry added September 25, 2017 Wi-Fi Available for: All Apple Watch models Impact: Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7103: Gal Beniamini of Google Project Zero CVE-2017-7105: Gal Beniamini of Google Project Zero CVE-2017-7108: Gal Beniamini of Google Project Zero CVE-2017-7110: Gal Beniamini of Google Project Zero CVE-2017-7112: Gal Beniamini of Google Project Zero Wi-Fi Available for: All Apple Watch models Impact: Malicious code executing on the Wi-Fi chip may be able to read restricted kernel memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7116: Gal Beniamini of Google Project Zero zlib Available for: All Apple Watch models Impact: Multiple issues in zlib Description: Multiple issues were addressed by updating to version 1.2.11. CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 Entry added September 25, 2017 Additional recognition Security We would like to acknowledge Abhinav Bansal of Zscaler, Inc. for their assistance. Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZyUQgAAoJEIOj74w0bLRGqL0QAIfT73f98ConKBEM8SMpm/g/ CtIS26bKtiSIniKWXjj0CHRcnFT4FPos5md2yNhBOTWIgChGtulnORWSowWu2RtI LVxqskUc97e6LLoTzFc8AM8q6b3Km2cx7C2iVNZWFrLO/JeDHfC8x2pMCgAT8Bx4 Q5FbDIGwD5+w+UYHgIVytqEPvt29OEwOBi41/f78Bvqj1oMf5+EQGjMFU+pECWGg zDucvK0iirv+5k5YcovpiQlaqx0QBPTMcaZJQLDY3t6k2RpdJZr5M7xd4Oanu0l1 E2blAl4CWN8zSQkdUfMdlamXYWwOvyv4b9iKb0+sKeLWHpWbaQ/LmOHuPHjvFgRq YWE72P3l5IVWSPZfgsUvD+70uHAobv70MB5O+TQnbLCemnwqq19psez8PMYR2fTF OfV0Dr6mpsa2GAVexNesEodlLz5a7kdjiBEAIUujJZzL8bVGdHjNll2qxHZCwlUW mWrxqot2QnymQ7Ycs1mGxg/97snO1eGT44BjVpQ47COSzI+YBhg2lLP15sGdRbF5 viCWhLkJGNBUN7naV/Jsj8sJNW0RBC1tkEz9cfRBLkU7ObtkJCORTwnmiz0jNzQf gvtVsBC+nBAlJA40Do1lB8rQw1yyizcUmckDywcJg7MatkwIymdgashIR/LVeBHR 39wnv7L2yjedzyd+/y5E =ACi9 -----END PGP SIGNATURE-----

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. SQLite is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. SQLite 3.19.3 and prior are vulnerable. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system. SQLite is one of the C-language-based open source embedded relational database management components developed by American software developer D.Richard Hipp. A security vulnerability exists in versions of the SQLite component prior to 3.19.3 in several Apple products. The following products and versions are affected: Apple macOS prior to 10.13 High Sierra; prior to iOS 11; prior to tvOS 11; prior to watchOS 4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-09-25-5 Additional information for APPLE-SA-2017-09-20-2 watchOS 4 watchOS 4 addresses the following: CFNetwork Proxies Available for: All Apple Watch models Impact: An attacker in a privileged network position may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-2017-7083: Abhinav Bansal of Zscaler Inc. Entry added September 25, 2017 CoreAudio Available for: All Apple Watch models Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed by updating to Opus version 1.1.4. CVE-2017-0381: V.E.O (@VYSEa) of Mobile Threat Research Team, Trend Micro Entry added September 25, 2017 Kernel Available for: All Apple Watch models Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7114: Alex Plaskett of MWR InfoSecurity Entry added September 25, 2017 libc Available for: All Apple Watch models Impact: A remote attacker may be able to cause a denial-of-service Description: A resource exhaustion issue in glob() was addressed through an improved algorithm. CVE-2017-7086: Russ Cox of Google Entry added September 25, 2017 libc Available for: All Apple Watch models Impact: An application may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2017-1000373 Entry added September 25, 2017 libexpat Available for: All Apple Watch models Impact: Multiple issues in expat Description: Multiple issues were addressed by updating to version 2.2.1 CVE-2016-9063 CVE-2017-9233 Entry added September 25, 2017 Security Available for: All Apple Watch models Impact: A revoked certificate may be trusted Description: A certificate validation issue existed in the handling of revocation data. This issue was addressed through improved validation. CVE-2017-7080: an anonymous researcher, Sven Driemecker of adesso mobile solutions gmbh, an anonymous researcher, Rune Darrud (@theflyingcorpse) of BA|rum kommune Entry added September 25, 2017 SQLite Available for: All Apple Watch models Impact: Multiple issues in SQLite Description: Multiple issues were addressed by updating to version 3.19.3. CVE-2017-10989: found by OSS-Fuzz CVE-2017-7128: found by OSS-Fuzz CVE-2017-7129: found by OSS-Fuzz CVE-2017-7130: found by OSS-Fuzz Entry added September 25, 2017 SQLite Available for: All Apple Watch models Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7127: an anonymous researcher Entry added September 25, 2017 Wi-Fi Available for: All Apple Watch models Impact: Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7103: Gal Beniamini of Google Project Zero CVE-2017-7105: Gal Beniamini of Google Project Zero CVE-2017-7108: Gal Beniamini of Google Project Zero CVE-2017-7110: Gal Beniamini of Google Project Zero CVE-2017-7112: Gal Beniamini of Google Project Zero Wi-Fi Available for: All Apple Watch models Impact: Malicious code executing on the Wi-Fi chip may be able to read restricted kernel memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7116: Gal Beniamini of Google Project Zero zlib Available for: All Apple Watch models Impact: Multiple issues in zlib Description: Multiple issues were addressed by updating to version 1.2.11. CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 Entry added September 25, 2017 Additional recognition Security We would like to acknowledge Abhinav Bansal of Zscaler, Inc. for their assistance. Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZyUQgAAoJEIOj74w0bLRGqL0QAIfT73f98ConKBEM8SMpm/g/ CtIS26bKtiSIniKWXjj0CHRcnFT4FPos5md2yNhBOTWIgChGtulnORWSowWu2RtI LVxqskUc97e6LLoTzFc8AM8q6b3Km2cx7C2iVNZWFrLO/JeDHfC8x2pMCgAT8Bx4 Q5FbDIGwD5+w+UYHgIVytqEPvt29OEwOBi41/f78Bvqj1oMf5+EQGjMFU+pECWGg zDucvK0iirv+5k5YcovpiQlaqx0QBPTMcaZJQLDY3t6k2RpdJZr5M7xd4Oanu0l1 E2blAl4CWN8zSQkdUfMdlamXYWwOvyv4b9iKb0+sKeLWHpWbaQ/LmOHuPHjvFgRq YWE72P3l5IVWSPZfgsUvD+70uHAobv70MB5O+TQnbLCemnwqq19psez8PMYR2fTF OfV0Dr6mpsa2GAVexNesEodlLz5a7kdjiBEAIUujJZzL8bVGdHjNll2qxHZCwlUW mWrxqot2QnymQ7Ycs1mGxg/97snO1eGT44BjVpQ47COSzI+YBhg2lLP15sGdRbF5 viCWhLkJGNBUN7naV/Jsj8sJNW0RBC1tkEz9cfRBLkU7ObtkJCORTwnmiz0jNzQf gvtVsBC+nBAlJA40Do1lB8rQw1yyizcUmckDywcJg7MatkwIymdgashIR/LVeBHR 39wnv7L2yjedzyd+/y5E =ACi9 -----END PGP SIGNATURE-----

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. SQLite is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. SQLite 3.19.3 and prior are vulnerable. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system. SQLite is one of the C-language-based open source embedded relational database management components developed by American software developer D.Richard Hipp. A security vulnerability exists in versions of the SQLite component prior to 3.19.3 in several Apple products. The following products and versions are affected: Apple macOS prior to 10.13 High Sierra; prior to iOS 11; prior to tvOS 11; prior to watchOS 4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-09-25-5 Additional information for APPLE-SA-2017-09-20-2 watchOS 4 watchOS 4 addresses the following: CFNetwork Proxies Available for: All Apple Watch models Impact: An attacker in a privileged network position may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-2017-7083: Abhinav Bansal of Zscaler Inc. Entry added September 25, 2017 CoreAudio Available for: All Apple Watch models Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed by updating to Opus version 1.1.4. CVE-2017-0381: V.E.O (@VYSEa) of Mobile Threat Research Team, Trend Micro Entry added September 25, 2017 Kernel Available for: All Apple Watch models Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7114: Alex Plaskett of MWR InfoSecurity Entry added September 25, 2017 libc Available for: All Apple Watch models Impact: A remote attacker may be able to cause a denial-of-service Description: A resource exhaustion issue in glob() was addressed through an improved algorithm. CVE-2017-7086: Russ Cox of Google Entry added September 25, 2017 libc Available for: All Apple Watch models Impact: An application may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2017-1000373 Entry added September 25, 2017 libexpat Available for: All Apple Watch models Impact: Multiple issues in expat Description: Multiple issues were addressed by updating to version 2.2.1 CVE-2016-9063 CVE-2017-9233 Entry added September 25, 2017 Security Available for: All Apple Watch models Impact: A revoked certificate may be trusted Description: A certificate validation issue existed in the handling of revocation data. This issue was addressed through improved validation. CVE-2017-7080: an anonymous researcher, Sven Driemecker of adesso mobile solutions gmbh, an anonymous researcher, Rune Darrud (@theflyingcorpse) of BA|rum kommune Entry added September 25, 2017 SQLite Available for: All Apple Watch models Impact: Multiple issues in SQLite Description: Multiple issues were addressed by updating to version 3.19.3. CVE-2017-10989: found by OSS-Fuzz CVE-2017-7128: found by OSS-Fuzz CVE-2017-7129: found by OSS-Fuzz CVE-2017-7130: found by OSS-Fuzz Entry added September 25, 2017 SQLite Available for: All Apple Watch models Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7127: an anonymous researcher Entry added September 25, 2017 Wi-Fi Available for: All Apple Watch models Impact: Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7103: Gal Beniamini of Google Project Zero CVE-2017-7105: Gal Beniamini of Google Project Zero CVE-2017-7108: Gal Beniamini of Google Project Zero CVE-2017-7110: Gal Beniamini of Google Project Zero CVE-2017-7112: Gal Beniamini of Google Project Zero Wi-Fi Available for: All Apple Watch models Impact: Malicious code executing on the Wi-Fi chip may be able to read restricted kernel memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7116: Gal Beniamini of Google Project Zero zlib Available for: All Apple Watch models Impact: Multiple issues in zlib Description: Multiple issues were addressed by updating to version 1.2.11. CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 Entry added September 25, 2017 Additional recognition Security We would like to acknowledge Abhinav Bansal of Zscaler, Inc. for their assistance. Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZyUQgAAoJEIOj74w0bLRGqL0QAIfT73f98ConKBEM8SMpm/g/ CtIS26bKtiSIniKWXjj0CHRcnFT4FPos5md2yNhBOTWIgChGtulnORWSowWu2RtI LVxqskUc97e6LLoTzFc8AM8q6b3Km2cx7C2iVNZWFrLO/JeDHfC8x2pMCgAT8Bx4 Q5FbDIGwD5+w+UYHgIVytqEPvt29OEwOBi41/f78Bvqj1oMf5+EQGjMFU+pECWGg zDucvK0iirv+5k5YcovpiQlaqx0QBPTMcaZJQLDY3t6k2RpdJZr5M7xd4Oanu0l1 E2blAl4CWN8zSQkdUfMdlamXYWwOvyv4b9iKb0+sKeLWHpWbaQ/LmOHuPHjvFgRq YWE72P3l5IVWSPZfgsUvD+70uHAobv70MB5O+TQnbLCemnwqq19psez8PMYR2fTF OfV0Dr6mpsa2GAVexNesEodlLz5a7kdjiBEAIUujJZzL8bVGdHjNll2qxHZCwlUW mWrxqot2QnymQ7Ycs1mGxg/97snO1eGT44BjVpQ47COSzI+YBhg2lLP15sGdRbF5 viCWhLkJGNBUN7naV/Jsj8sJNW0RBC1tkEz9cfRBLkU7ObtkJCORTwnmiz0jNzQf gvtVsBC+nBAlJA40Do1lB8rQw1yyizcUmckDywcJg7MatkwIymdgashIR/LVeBHR 39wnv7L2yjedzyd+/y5E =ACi9 -----END PGP SIGNATURE-----

A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the web user interface of the software is enabled. By default, the web user interface is not enabled. Cisco Bug IDs: CSCup70353. Vendors have confirmed this vulnerability Bug ID CSCup70353 It is released as.Service operation interruption (DoS) An attack may be carried out. Cisco IOSXESoftware is an operating system developed by Cisco Systems for its network devices