CVE-2017-13874: High severity apple ios and ipados vulnerability
Mail. A S/MIME issue existed in the handling of encrypted email. This issue was addressed through improved selection of the encryption certificate.
Other sources
An issue was discovered in certain Apple products. iOS before 11.2 is affected. The issue involves the "Mail" component. It might allow remote attackers to bypass an intended encryption protection mechanism by leveraging incorrect S/MIME certificate selection.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2017-7164
- CVE-2017-13905
- CVE-2017-2411
- CVE-2017-7172
- CVE-2017-7171
- CVE-2017-7151
- CVE-2017-13847
- CVE-2017-7162
- CVE-2017-13879
- CVE-2017-13861
- CVE-2017-13904
- CVE-2017-5754
- CVE-2017-13862
- CVE-2017-13867
- CVE-2017-13876
- CVE-2017-7173
- CVE-2017-13855
- CVE-2017-13865
- CVE-2017-13868
- CVE-2017-13869
- CVE-2017-7154
- CVE-2017-13880
- CVE-2017-13874
- CVE-2017-13860
- CVE-2017-7152
- CVE-2017-13888
- CVE-2017-13891
- CVE-2017-13885
- CVE-2017-7165
- CVE-2017-13884
- CVE-2017-7153
- CVE-2017-7156
- CVE-2017-7157
- CVE-2017-13856
- CVE-2017-13870
- CVE-2017-7160
- CVE-2017-13866
- CVE-2017-13080
Frequently Asked Questions
What is CVE-2017-13874?
CVE-2017-13874 is a vulnerability that exists in certain Apple products, specifically iOS before 11.2, which allows remote attackers to bypass encryption protection in the Mail component.
Which Apple products are affected by CVE-2017-13874?
iOS before version 11.2 is affected by CVE-2017-13874.
What is the severity of CVE-2017-13874?
CVE-2017-13874 has a severity rating of 7.5 (high).
How can I fix CVE-2017-13874?
To fix CVE-2017-13874, update your iOS device to version 11.2 or later.
Where can I find more information about CVE-2017-13874?
You can find more information about CVE-2017-13874 on the following websites: http://www.securityfocus.com/bid/102097, http://www.securitytracker.com/id/1039953, and https://support.apple.com/HT208334.