CVE Database · CVE-2009-1679
CVSS v3.1
N/A
EPSS
0.36%
Published
Jun 19, 2009
Modified
Apr 22, 2026
Public PoC / Exploit
All weaponized →No public PoC or exploit code indexed for this CVE.
Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password policy, which allows physically proximate attackers to bypass the intended policy.
Weaknesses (CWE)
Affected Products (33)
References (14)
