CVE-2016-4656
Published: 25 August 2016
Summary
CVE-2016-4656 is a high-severity out-of-bounds write (CWE-787) vulnerability in Apple iOS. Its CVSS base score is 7.8 (High).
Operationally, it is ranked in the top 1.5% of CVEs by exploit likelihood, CISA has added it to the Known Exploited Vulnerabilities catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
The vulnerability tracked as CVE-2016-4656 is an out-of-bounds write (CWE-787) memory corruption flaw in the kernel of Apple iOS versions prior to 9.3.5. It received a CVSS v3.1 base score of 7.8 with the vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, reflecting local attack requirements but high impact on confidentiality, integrity, and availability when successfully triggered.
An attacker can exploit the issue by supplying a crafted application that the victim must install and run. Successful exploitation grants arbitrary code execution in a privileged kernel context or triggers a denial of service through memory corruption; no elevated privileges are required beyond the ability to execute the malicious app on the device.
Apple addressed the flaw in iOS 9.3.5, as detailed in the vendor’s security announcement and support document HT207107. Public references also link the vulnerability to the Trident/Pegasus spyware campaign, confirming real-world exploitation against targeted iOS devices prior to the patch release.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2016-5642
Vulnerability details
The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
- CWE(s)
- KEV Date Added: 24 May 2022
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls (NIST 800-53 r5)
- Directly counters the out-of-bounds write memory corruption in the iOS kernel by enforcing memory protections that block arbitrary code execution or DoS from crafted apps.
- Requires timely application of the iOS 9.3.5 patch that eliminates CVE-2016-4656 before exploitation by malicious apps.
- Restricts installation and execution of user-supplied apps that are the required delivery mechanism for triggering the kernel flaw.