CVE-2016-7653: Infoleak
First published: Mon Feb 20 2017(Updated: )
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Media Player" component, which allows physically proximate attackers to obtain sensitive photo and contact information by leveraging lockscreen access.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| iPhone OS | <=10.1.1 | |
| <=10.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-7653?
CVE-2016-7653 is considered a high-severity vulnerability due to the potential for unauthorized access to sensitive information.
What versions of iOS are affected by CVE-2016-7653?
CVE-2016-7653 affects iOS versions before 10.2, specifically iOS 10.1.1 and earlier.
How do I fix CVE-2016-7653?
To fix CVE-2016-7653, upgrade to iOS version 10.2 or later.
What does CVE-2016-7653 exploit?
CVE-2016-7653 exploits the Media Player component to gain access to sensitive photos and contacts through lockscreen access.
Who can exploit CVE-2016-7653?
CVE-2016-7653 can be exploited by physically proximate attackers who can access the device's lockscreen.
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/references
- agent/severity
- agent/weakness
- agent/type
- agent/description
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- agent/event
- vendor/apple
- canonical/iphone os
- version/iphone os/10.1.1