Vulnerability Details : CVE-2014-1266
The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step.
Threat overview for CVE-2014-1266
Top countries where our scanners detected CVE-2014-1266
Top open port discovered on systems with this issue
548
IPs affected by CVE-2014-1266 110
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2014-1266!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2014-1266
Probability of exploitation activity in the next 30 days: 0.99%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 83 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-1266
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
5.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:N |
8.6
|
4.9
|
NIST |
|
7.4
|
HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N |
2.2
|
5.2
|
NIST |
CWE ids for CVE-2014-1266
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
-
The product does not validate, or incorrectly validates, a certificate.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-1266
-
https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html
SMBlog -- 24 February 2014Exploit
-
https://news.ycombinator.com/item?id=7281378
Take a look at http://opensource.apple.com/source/Security/Security-55471/libsec... | Hacker NewsExploit;Issue Tracking
-
http://support.apple.com/kb/HT6148
About the security content of Apple TV 6.0.2 - Apple SupportVendor Advisory
-
http://support.apple.com/kb/HT6147
About the security content of iOS 7.0.6 - Apple SupportVendor Advisory
-
https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html
SMBlog -- 23 February 2014Exploit
-
http://support.apple.com/kb/HT6150
About the security content of OS X Mavericks v10.9.2 and Security Update 2014-001 - Apple SupportVendor Advisory
-
http://support.apple.com/kb/HT6146
About the security content of iOS 6.1.6 - Apple SupportVendor Advisory
-
https://www.imperialviolet.org/2014/02/22/applebug.html
ImperialViolet - Apple's SSL/TLS bugExploit
-
http://it.slashdot.org/comments.pl?sid=4821073&cid=46310187
Apple Fixes Dangerous SSL Authentication Flaw In iOS - SlashdotIssue Tracking
Products affected by CVE-2014-1266
- cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*