VDB
GSD-2016-4656
GSD-2016-4656
PUBLISHED
CVSS 7.800000190734863 HIGH
The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
Exploit Intelligence
- CVE-2016-4657 web-kit vulnerability for ios 9.3, nintendo switch browser vulnerability (github-poc)
- Exploiting CVE-2016-4657 to JailBreak the Nintendo Switch (github-poc)
- CVE-2016-4657 for NintendoSwitch rwx (github-poc)
- OS X 10.11.6 LPE PoC for CVE-2016-4655 / CVE-2016-4656 (github-poc)
- 8.4.1 Jailbreak using CVE-2016-4655 / CVE-2016-4656 (github-poc)
- OS X 10.11.6 LPE PoC for CVE-2016-4655 / CVE-2016-4656 (github-poc)
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-4656 (circl)
- https://support.apple.com/HT207107 (circl)
- 44836 (circl)
- 1036694 (circl)
…and 16 more exploits
Timeline
- Aug 25, 2016 CVE Published
- Aug 25, 2016 PoC Published
- Aug 26, 2016 PoC Published
- Jun 4, 2018 PoC Published
- Jun 5, 2018 PoC Published
- Sep 19, 2018 PoC Published
- Oct 9, 2020 PoC Published
- Jun 14, 2023 PoC Published
- Dec 24, 2024 PoC Published
- Feb 6, 2025 PoC Published
- Feb 23, 2025 PoC Published
- Feb 23, 2025 PoC Published
References
- https://blog.lookout.com/blog/2016/08/25/trident-pegasus/ url
- APPLE-SA-2016-08-25-1 vendor-advisory
- 92652 vdb
- 1036694 vdb
- 44836 exploit
- https://support.apple.com/HT207107 advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-4656 advisory