VYPR
Unrated severity · NVD Advisory · Published Jan 30, 2015 · Updated May 6, 2026

CVE-2014-4492

Description

libnetcore in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not verify that certain values have the expected data type, which allows attackers to execute arbitrary code in an _networkd context via a crafted XPC message from a sandboxed app, as demonstrated by lack of verification of the XPC dictionary data type.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A type confusion vulnerability in libnetcore on Apple devices allows sandboxed apps to execute arbitrary code in networkd context via crafted XPC messages.

Vulnerability

The libnetcore component in Apple iOS before 8.1.3, OS X before 10.10.2, and Apple TV before 7.0.3 fails to verify that certain values in XPC messages have the expected data type. This type confusion vulnerability can be triggered when a sandboxed app sends a crafted XPC message to the networkd process. Affected versions: iOS <8.1.3, OS X <10.10.2, Apple TV <7.0.3. [1][2][3]

Exploitation

An attacker with a sandboxed app installed on the device can send a specially crafted XPC dictionary with incorrect data types. The XPC message is processed by networkd without proper type checking, leading to memory corruption. No additional authentication is required beyond having access to run a sandboxed app. The attack vector is local but from within the sandbox. [1][2][3]
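The missing check described above, as an added example that is not Apple's code and not part of this advisory: a C model in which `value`, `dict_get`, `handle_message` and the message shape are hypothetical stand-ins for typed XPC objects and a service-side handler. Each value's type tag is verified before it is read, so a non-dictionary value sent where a dictionary is expected is rejected instead of being reinterpreted.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Hypothetical stand-in for typed XPC objects; not Apple's API. */
typedef enum { T_INT64, T_DICT } vtype;
typedef struct value {
    vtype type;                       /* says which union member is valid */
    union {
        int64_t i;
        struct { const char **keys; const struct value **vals; size_t n; } d;
    } u;
} value;

/* Look up `key`, but only after confirming `v` really is a dictionary. */
static const value *dict_get(const value *v, const char *key) {
    if (v == NULL || v->type != T_DICT) return NULL;
    for (size_t k = 0; k < v->u.d.n; k++)
        if (strcmp(v->u.d.keys[k], key) == 0) return v->u.d.vals[k];
    return NULL;
}

/* Constructed message shape {"params": {"port": int64}}; 0 on success, -1 on mismatch. */
int handle_message(const value *msg, uint16_t *port) {
    const value *params = dict_get(msg, "params");
    const value *p = dict_get(params, "port");  /* NULL if params is no dict */
    if (p == NULL || p->type != T_INT64 || p->u.i < 1 || p->u.i > 65535) return -1;
    *port = (uint16_t)p->u.i;
    return 0;
}

/* Wrap `params` in a top-level dictionary; return the parsed port or -1. */
static int run(const value *params) {
    const char *k[] = { "params" }; const value *v[] = { params };
    value msg = { .type = T_DICT, .u.d = { k, v, 1 } };
    uint16_t out = 0;
    return handle_message(&msg, &out) == 0 ? (int)out : -1;
}

int demo_well_formed(void) {          /* constructed input: port 8080 */
    value port = { .type = T_INT64, .u.i = 8080 };
    const char *k[] = { "port" }; const value *v[] = { &port };
    value params = { .type = T_DICT, .u.d = { k, v, 1 } };
    return run(&params);
}

int demo_wrong_type(void) {           /* constructed input: int where dict expected */
    value params = { .type = T_INT64, .u.i = 1234 };
    return run(&params);
}
```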

Impact

Successful exploitation allows an attacker to execute arbitrary code in the context of the networkd process, which runs with higher privileges. This effectively results in a sandbox escape, granting the attacker elevated capabilities on the system. [1][2][3]

Mitigation

Apple addressed this issue in iOS 8.1.3, OS X Yosemite v10.10.2 and Security Update 2015-001, and Apple TV 7.0.3. Users should update to the latest versions. No workarounds are available. The vulnerability is not listed in CISA KEV. [1][2][3]

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
