
CVE-2010-4012

 

Time Line
Published
2024-03-19
Updated
2024-03-19
First exploit
2024-03-19
Overview
Descriptions (2)
NVD, NVD
CWE (1)
CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC (-)
Risk
CVSS Score
6.4 Medium
SSVC
-
KEV
-
EPSS
0.0%
Affected Products (-)
Vendors (1)
apple
Products (1)
iphone_os
Versions (2)
4.0, 4.1
Intel Resources (-)
Advisories (-)
-
Exploits (-)
-
Plugins (-)
-
References (1)
General (-)
Exploits & PoCs (-)
Patches (-)
Advisories (1)
apple
Summary
Descriptions

Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later allows physically proximate attackers to bypass the passcode lock by making a call from the Emergency Call screen, then quickly pressing the Sleep/Wake button.

Race condition in Apple iOS 4.0 to 4.1 for iPhone 3G and later allows physically proximate attackers to bypass the passcode lock by placing a call from the emergency call screen and quickly pressing the Sleep/Wake button.

*Credits: N/A
CVSS Scores
Attack Vector: Physical
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Attack Vector: Local
Attack Complexity: High
Authentication: None
Confidentiality: Complete
Integrity: Complete
Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2010-10-20 CVE Reserved
  • 2010-12-08 CVE Published
  • 2024-04-25 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
Threat Intelligence Resources (0)

References (1)
URL Date SRC
http://support.apple.com/kb/HT4456 2010-12-09
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
Apple | Iphone Os | 4.0 | - | Affected
Apple | Iphone Os | 4.1 | - | Affected