VDB
CVE-2013-4616
CVE-2013-4616
PUBLISHED
CVSS 5.800000190734863 MEDIUM
The WifiPasswordController generateDefaultPassword method in Preferences in Apple iOS 6 and earlier relies on the UITextChecker suggestWordInLanguage method for selection of Wi-Fi hotspot WPA2 PSK passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack that leverages the insufficient number of possible passphrases.
EPSS 0.57% · 69.0th percentile
Risk Scores
CVSS 2.0
5.800000190734863
EPSS Score
0.57%
69.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| apple | iphone_os | 0, 1.0.0, 1.0.1 |
Exploit Intelligence
- [owasp-mobile-security-project] 20130617 Cracking iOS personal hotspots using a Scrabble crossword game word list (circl)
- 1029054 (circl)
- http://www1.cs.fau.de/hotspot (circl)
- 54886 (circl)
- http://support.apple.com/kb/HT5934 (circl)
- http://www1.cs.fau.de/filepool/projects/hotspot/hotspot.pdf (circl)
- APPLE-SA-2013-09-18-2 (circl)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
…and 1 more exploits
Timeline
- Jun 18, 2013 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
References
- http://support.apple.com/kb/HT5934 advisory
- [owasp-mobile-security-project] 20130617 Cracking iOS personal hotspots using a Scrabble crossword game word list mailing-list
- 1029054 vdb
- http://www1.cs.fau.de/hotspot url
- 54886 third-party-advisory
- http://www1.cs.fau.de/filepool/projects/hotspot/hotspot.pdf url
- APPLE-SA-2013-09-18-2 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2013-4616 advisory