CVE-2016-4656

7.8 HIGH CISA KEV - Actively Exploited

Published: August 25, 2016 Modified: October 22, 2025

Description

The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.apple.com/archives/security-announce/2016/Aug/msg00000.html

Source: product-security@apple.com

Mailing List Vendor Advisory

http://www.securityfocus.com/bid/92652

Source: product-security@apple.com

Broken Link Third Party Advisory VDB Entry

http://www.securitytracker.com/id/1036694

Source: product-security@apple.com

Broken Link Third Party Advisory VDB Entry

https://blog.lookout.com/blog/2016/08/25/trident-pegasus/

Source: product-security@apple.com

Broken Link

https://support.apple.com/HT207107

Source: product-security@apple.com

Release Notes Vendor Advisory

https://www.exploit-db.com/exploits/44836/

Source: product-security@apple.com

Exploit Third Party Advisory VDB Entry

http://lists.apple.com/archives/security-announce/2016/Aug/msg00000.html