CVE-2014-4451 — Vulnetix

Try Vulnetix Request Demo

CVE-2014-4451 PUBLISHED CVSS 7.199999809265137 HIGH

Apple iOS before 8.1.1 does not properly enforce the failed-passcode limit, which makes it easier for physically proximate attackers to bypass the lock-screen protection mechanism via a series of guesses.

EPSS 0.07% · 21.9th percentile

Risk Scores

CVSS v2.0

7.199999809265137

EPSS Score

0.07%

21.9th percentile

Affected Products

Vendor	Product	Versions
apple	iphone_os	0, 8.0, 8.0.1
n/a	n/a	n/a

Timeline

Nov 18, 2014 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

https://support.apple.com/en-us/HT6592 advisory
https://support.apple.com/en-us/HT6591 advisory
https://support.apple.com/en-us/HT6590 advisory
appleios-cve20144451-sec-bypass(98776) vdb
APPLE-SA-2014-11-17-1 vendor-advisory
62504 third-party-advisory
71138 vdb
1031232 vdb
https://support.apple.com/en-us/HT204418 url
https://nvd.nist.gov/vuln/detail/CVE-2014-4451 advisory

Open in Interactive Console →