CVE-2021-30810

Description

An authorization issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8, tvOS 15. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup.

References

Release NotesVendor Advisory
Release NotesVendor Advisory
Release NotesVendor Advisory

CvssV3 impact

BaseSeverity

MEDIUM

ConfidentialityImpact

NONE

AttackComplexity

LOW

Scope

UNCHANGED

AttackVector

ADJACENT_NETWORK

AvailabilityImpact

NONE

IntegrityImpact

LOW

PrivilegesRequired

NONE

BaseScore

4.3

VectorString

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Version

3.1

UserInteraction

NONE

CvssV2 impact

AccessComplexity

MEDIUM

ConfidentialityImpact

NONE

AvailabilityImpact

NONE

IntegrityImpact

PARTIAL

BaseScore

2.9

VectorString

AV:A/AC:M/Au:N/C:N/I:P/A:N

Version

2.0

AccessVector

ADJACENT_NETWORK

Authentication

NONE