CVE-2016-7577

Vulnerability

The vulnerability resides in the FaceTime component of iOS before version 10.1 and macOS before version 10.12.1. It allows remote attackers to trigger memory corruption, leading to the disclosure of audio data from a call that appeared to have ended. The exact code path is not detailed, but it involves the handling of call state transitions.

Exploitation

An attacker with network access can exploit this by initiating a FaceTime call and manipulating the call termination process. No authentication is required beyond being able to place a call. The attacker can cause the call to appear ended while audio transmission continues, allowing the attacker to capture audio data from the other participant.

Impact

Successful exploitation results in information disclosure of audio data from a call that the victim believed had ended. The attacker gains access to potentially sensitive conversations without the victim's knowledge. The impact is limited to audio data; no code execution or privilege escalation is indicated.

Mitigation

Apple addressed this issue in iOS 10.1 [2] and macOS 10.12.1 [1], released on October 24, 2016. Users should update their devices to these versions or later. No workarounds are available.