Zimperium zLabs Team

9 exploits Active since May 2017
CVE-2017-6998 EXPLOITDB HIGH text WORKING POC
Apple <10.3.2, <10.2.1, <3.2.2 - RCE/DoS
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2017-6997 EXPLOITDB HIGH text WORKING POC
Apple <10.3.2, <10.2.1, <3.2.2 - RCE/DoS
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2017-6996 EXPLOITDB HIGH text WORKING POC
Apple <10.3.2, <10.2.1, <3.2.2 - RCE/DoS
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2017-6995 EXPLOITDB HIGH text WORKING POC
Apple <10.3.2, <10.2.1, <3.2.2 - RCE/DoS
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2017-6994 EXPLOITDB HIGH text WORKING POC
Apple <10.3.2, <10.2.1, <3.2.2 - RCE/DoS
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2017-6989 EXPLOITDB HIGH text WORKING POC
Apple <10.3.2, <10.2.1, <3.2.2 - RCE/DoS
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2017-6979 EXPLOITDB HIGH text WORKING POC
Apple <10.3.2, <10.12.5, <10.2.1, <3.2.2 - RCE
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "IOSurface" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVSS 7.0
CVE-2018-4087 EXPLOITDB HIGH WORKING POC
Apple TV < 11.2.5 - Memory Corruption
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Core Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2017-6999 EXPLOITDB HIGH text WORKING POC
Apple <10.3.2, <10.2.1, <3.2.2 - RCE/DoS
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8