CVE-2014-1360
iPhone OS < 7.1.2 - Activation Lock Bypass via Unverified Activation Server Data
Title source: llmDescription
Lockdown in Apple iOS before 7.1.2 does not properly verify data from activation servers, which makes it easier for physically proximate attackers to bypass the Activation Lock protection mechanism via unspecified vectors.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/68276
Third Party Advisory vendor-advisory
x_refsource_apple
http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html
Third Party Advisory vendor-advisory
x_refsource_apple
http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030500
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT6441
Scores
EPSS
0.0043
EPSS Percentile
35.0%
Details
CWE
CWE-20
Status
published
Products (9)
apple/iphone_os
7.0
apple/iphone_os
7.0.1
apple/iphone_os
7.0.2
apple/iphone_os
7.0.3
apple/iphone_os
7.0.4
apple/iphone_os
7.0.5
apple/iphone_os
7.0.6
apple/iphone_os
7.1
apple/iphone_os
< 7.1.1
Published
Jul 01, 2014
Tracked Since
Feb 18, 2026