How severe is CVE-2017-14315?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2017-14315?

This is classified as CWE-119, which is a common weakness in software security.

CVE-2017-14315 - HIGH Severity | CVSS 7.5

Vulnerability Description

In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default "Bluetooth On" value must be present in Settings.

Related Vulnerabilities

CVE-2006-7221

HIGH

CVSS:7.5(High)

Multiple off-by-one errors in fsplib.c in fsplib before 0.8 allow attackers to cause a denial of service via unspecified vectors involving the (1) name and (2) d_name entry attributes.

CWE-1192006

CVE-2011-3359

HIGH

CVSS:7.5(High)

The dma_rx function in drivers/net/wireless/b43/dma.c in the Linux kernel before 2.6.39 does not properly allocate receive buffers, which allows remote attackers to cause a denial of service (system c...

CWE-1192011

CVE-2012-0929

HIGH

CVSS:7.5(High)

Multiple buffer overflows in Schneider Electric Modicon Quantum PLC allow remote attackers to cause a denial of service via malformed requests to the (1) FTP server or (2) HTTP server.

CWE-1192012

CVE-2012-2034

HIGH

CVSS:7.5(High)

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and bef...

CWE-1192012

CVE-2012-6698

HIGH

CVSS:7.5(High)

The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds write) via a crafted response.

CWE-1192012

CVE-2012-6699

HIGH

CVSS:7.5(High)

The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds read) via a crafted response.

CWE-1192012