An issue exists in certain Apple products. iOS prior to 10.3 is affected. macOS prior to 10.12.4 is affected. The issue involves the "Security" component. It allows remote malicious users to bypass intended access restrictions by leveraging a successful result from a SecKeyRawVerify API call with an empty signature.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple iphone os |
||
apple mac os x |