← back
CVE-2017-2423

CVE-2017-2423

EPSS 1.7%
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended access restrictions by leveraging a successful result from a SecKeyRawVerify API call with an empty signature.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.apple.com/HT207615https://support.apple.com/HT207617http://www.securityfocus.com/bid/97147http://www.securitytracker.com/id/1038138