First published: Sun Aug 16 2015(Updated: )
The Certificate UI in Apple iOS before 8.4.1 does not prevent X.509 certificate acceptance within the lock screen, which allows physically proximate attackers to establish arbitrary certificate trust relationships by completing a dialog.
Credit: product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iPhone OS | <=8.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.