CVE-2014-4448

House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
1.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:P/I:N/A:N
appleCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
VendorProductVersion
appleiphone_os
𝑥
≤ 8.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/archive/1/533747
http://www.securityfocus.com/bid/70661
http://www.securitytracker.com/id/1031077
https://exchange.xforce.ibmcloud.com/vulnerabilities/97664
https://support.apple.com/kb/HT6541
http://www.securityfocus.com/archive/1/533747
http://www.securityfocus.com/bid/70661
http://www.securitytracker.com/id/1031077
https://exchange.xforce.ibmcloud.com/vulnerabilities/97664
https://support.apple.com/kb/HT6541