CVE-2017-6975

Name: CVE-2017-6975
Creator: NVD / NIST
Published: 2017-04-05T14:59:00.417+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.54%

Last modified Jun 17, 2026

CVE-2017-6975 is a vulnerability of currently unknown severity. Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point. NOTE: because an operating system could potentially isolate itself from CVE-2017-6956 exploitation without patching Broadcom firmware functions, there is a separate CVE ID for the operating-system behavior.. EPSS estimates a 0.54% chance of exploitation in the next 30 days.

Description

Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point. NOTE: because an operating system could potentially isolate itself from CVE-2017-6956 exploitation without patching Broadcom firmware functions, there is a separate CVE ID for the operating-system behavior.

Metrics

EPSS Probability

0.54%

41.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-119

Affected Software

Vendor	Product	Versions
Apple	Iphone Os	<= 10.3

References

http://seclists.org/fulldisclosure/2019/May/24
http://www.securityfocus.com/bid/97328Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1038172
https://googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi_4.htmlExploit, Technical Description, Third Party Advisory
https://seclists.org/bugtraq/2019/May/30
https://support.apple.com/HT207688Vendor Advisory
https://support.apple.com/kb/HT210121
https://twitter.com/4Dgifts/status/849268365457850370Third Party Advisory
http://seclists.org/fulldisclosure/2019/May/24
http://www.securityfocus.com/bid/97328Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1038172
https://googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi_4.htmlExploit, Technical Description, Third Party Advisory
https://seclists.org/bugtraq/2019/May/30
https://support.apple.com/HT207688Vendor Advisory
https://support.apple.com/kb/HT210121
https://twitter.com/4Dgifts/status/849268365457850370Third Party Advisory

Timeline

Published: Apr 5, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-6975?

How severe is CVE-2017-6975?

Severity scoring for CVE-2017-6975 is pending analysis. The EPSS model estimates a 0.54% probability of exploitation in the next 30 days.

How do I fix CVE-2017-6975?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-6975?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST