Описание
This issue was addressed by removing the vulnerable code. This issue is fixed in watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, tvOS 17.1, iOS 17.1 and iPadOS 17.1. A device may be passively tracked by its Wi-Fi MAC address.
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 16.7.2 (исключая)Версия от 17.0 (включая) до 17.1 (исключая)Версия до 16.7.2 (исключая)Версия от 17.0 (включая) до 17.1 (исключая)Версия до 17.1 (исключая)Версия до 10.1 (исключая)
Одно из
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.00216
Низкий
5.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-200
Связанные уязвимости
CVSS3: 5.3
github
больше 2 лет назад
This issue was addressed by removing the vulnerable code. This issue is fixed in watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, tvOS 17.1, iOS 17.1 and iPadOS 17.1. A device may be passively tracked by its Wi-Fi MAC address.
CVSS3: 7.5
fstec
больше 2 лет назад
Уязвимость компонента mDNSResponder операционных систем watchOS, iOS, iPadOS, tvOS, позволяющая нарушителю отслеживать устройство по его MAC-адресу Wi-Fi
EPSS
Процентиль: 44%
0.00216
Низкий
5.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-200