VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 20, 2013· Updated Apr 29, 2026

CVE-2013-0981

CVE-2013-0981

Description

Local privilege escalation in Apple IOUSBDeviceFamily driver via improper validation of userspace pipe object pointers.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Local privilege escalation in Apple IOUSBDeviceFamily driver via improper validation of userspace pipe object pointers.

Vulnerability

The IOUSBDeviceFamily driver in the USB implementation in the kernel of Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not properly validate pipe object pointers originating from userspace. This allows crafted code to manipulate these pointers, leading to privilege escalation. [1][2]

Exploitation

A local user can exploit this by providing crafted pipe object pointers to the IOUSBDeviceFamily driver via a malicious application. No authentication is required beyond local access to the device. [2]

Impact

Successful exploitation allows a local attacker to execute arbitrary code with kernel privileges, gaining full control over the device. [1][2]

Mitigation

Apple addressed this issue in iOS 6.1.3 and Apple TV 5.2.1 by adding additional validation of pipe object pointers. Users should update to these versions or later. [1][2]

References
  1. About the security content of iOS 6.1.3 - Apple Support
  2. About the security content of Apple TV 5.2.1 - Apple Support

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

103
  • Apple Inc./Iphone OS72 versions
    cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*+ 71 more
    • cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*range: <=6.1.2
    • cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.0:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.2:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.3:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.4:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.5:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.0.0:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.0.1:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.0.2:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.1:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.2.1:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.2:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.0.1:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.0:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.1.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.1.2:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.1.3:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.1.3:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.1:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.2.1:-:ipad:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.2.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.2:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0.1:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.2.5:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.2.8:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.3:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.5:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.5:-:ipad:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.5:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:5.0.1:-:ipad:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:5.0.1:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:5.0:-:ipad:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:5.0:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:5.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:5.1.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:6.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:6.1:*:*:*:*:*:*:*
  • Apple Inc./tvOS29 versions
    cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*+ 28 more
    • cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*range: <=5.2.0
    • cpe:2.3:o:apple:tvos:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:1.1.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:2.1.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:2.2.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:2.3.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:2.3.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:2.4.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:3.0.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:3.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:4.1.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:4.1.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:4.2.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:4.2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:4.2.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:4.3.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:4.4.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:4.4.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:4.4.3:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:4.4.4:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:5.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:5.1.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:tvos:5.1.1:*:*:*:*:*:*:*
  • Apple Inc./iOSllm-fuzzy
    Range: <6.1.3
  • Apple Inc./TVllm-fuzzy
    Range: <5.2.1

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.