Vulnerability Database

299,749

Total vulnerabilities in the database

CVE-2017-13903

An issue was discovered in certain Apple products. iOS before 11.2.1 is affected. tvOS before 11.2.1 is affected. The issue involves the "HomeKit" component. It allows remote attackers to modify the application state by leveraging incorrect message handling, as demonstrated by use of an Apple Watch to obtain an encryption key and unlock a door.

  • Published: Dec 25, 2017
  • Updated: Nov 9, 2025
  • CVE: CVE-2017-13903
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
apple / iphone_os - 11.2.1
apple / tvos - 11.2.1