Description
A validation issue was addressed with improved logic. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, macOS Big Sur 11.3. A malicious application may be able to leak sensitive user information.
Related CPE's
References
https://support.apple.com/en-us/HT212317
Vendor Advisory
https://support.apple.com/en-us/HT212324
Vendor Advisory
https://support.apple.com/en-us/HT212325
Vendor Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
6.5 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2021-09-08T15:15:13.217
3 years agoLast modified
2021-09-17T14:26:26.420
3 years ago