search

CloudSecurityAlliance / gsd-database

Global Security Database
https://gsd.id
Creative Commons Zero v1.0 Universal
305 stars 59 forks source link

[CAN-2023-1000000] GSD Request #2442

Closed GSD-automation closed 1 year ago

GSD-automation commented 1 year ago 
--- GSD JSON ---
{
  "vendor_name": "Apple",
  "product_name": "iPhone ",
  "product_version": "1.0",
  "vulnerability_type": "CWE",
  "affected_component": "Security Legacy enclave ",
  "attack_vector": "Local access",
  "impact": "Transfer digital ownership legacy ",
  "credit": "Discover ",
  "references": [
    "icloud.com",
    ""
  ],
  "reporter": "Worldbrink",
  "reporter_id": 120640212,
  "notes": "A Business using copyrighted trademark and logos for authorized repairs did not in fact use and claimed my device was now theirs bc of the exploit.",
  "description": "In Apple iPhone  version 1.0 a CWE exists in the Security Legacy enclave  that can be attacked via Local access resulting in Transfer digital ownership legacy "
}
--- GSD JSON ---

/cc @Worldbrink

joshbressers commented 1 year ago

I don't think this has enough details to assign an ID, can you provide more reference links explaining this?

kurtseifried commented 1 year ago

This is going to need a lot more details and confirmation, can you add some source material? thanks.

GSD-automation commented 1 year ago

This issue has been assigned CAN-2023-1000000

joshbuker commented 1 year ago

@joshbressers @kurtseifried Merge or close?

joshbuker commented 1 year ago

Closing per Slack discussion w/ @kurtseifried.