An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the Simple Certificate Enrollment Protocol (SCEP) implementation in the "Profiles" component. It allows remote attackers to bypass cryptographic protection mechanisms by leveraging DES support.
Se detectó un problema en ciertos productos de Apple. iOS anterior a versión 10.3 está afectado. El problema involucra la implementación de Simple Certificate Enrollment Protocol (SCEP) en el componente "Profiles". Permite a los atacantes remotos omitir los mecanismos de protección criptográfica mediante el aprovechamiento del soporte DES.
iOS 10.3 is now available and addresses code execution, information disclosure, denial of service, and various other vulnerabilities.
