An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Exchange ActiveSync" component. It allows remote attackers to erase a device in opportunistic circumstances by hijacking a cleartext AutoDiscover V1 session during the setup of an Exchange account.
Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11. El problema implica el componente "Exchange ActiveSync". Permite que atacantes remotos eliminen un dispositivo en circunstancias oportunistas secuestrando una sesión AutoDiscover V1 en texto claro durante la configuración de una cuenta de Exchange.
iOS 11 is now available and addresses cross site scripting, denial of service, and various other vulnerabilities.