CVE-2016-7759 Apple CVE debrief

Who should care

People and organizations still using iOS devices on versions before 10, especially in environments where devices may be briefly accessible to others, should care most. This also matters for legacy-device fleets that cannot be updated promptly.

Technical summary

The issue is a snapshot/privacy exposure in Springboard, the iOS component associated with the Task Switcher. When an affected device is accessible to someone nearby, application snapshots may reveal sensitive on-screen content. NVD assigns the vector CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, indicating confidentiality impact only and no integrity or availability impact.

Defensive priority

Medium

Recommended defensive actions

• Upgrade affected devices to iOS 10 or later, or retire hardware that cannot be updated beyond the affected range.
• Limit physical access to unlocked devices and enforce strong passcodes with short auto-lock timeouts.
• Review mobile-device policies for legacy iOS systems and isolate or decommission versions that remain on pre-10 releases.
• If supported by your device-management baseline, reduce exposure of lock-screen and task-switcher previews for sensitive apps and users.

Evidence notes

Source evidence is limited to official metadata and linked vendor references. The NVD record states that iOS before 10 is affected and that the issue involves Springboard allowing physically proximate attackers to obtain sensitive information by viewing application snapshots in the Task Switcher. NVD also lists a vendor advisory link to Apple Support (HT207143), a CWE-200 classification, and CPE coverage through iPhone OS 9.3.5. CVE published date used here is 2017-02-20; modified metadata date is 2026-05-13.

Official resources