Description
An authorization issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8, tvOS 15. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup.
Related CPE's
References
http://seclists.org/fulldisclosure/2021/Oct/61
http://seclists.org/fulldisclosure/2021/Oct/62
http://seclists.org/fulldisclosure/2021/Oct/63
https://support.apple.com/en-us/HT212814
https://support.apple.com/en-us/HT212815
https://support.apple.com/en-us/HT212819
CVSS impact metrics
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
4.3 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2021-10-19T14:15:08.370
3 years agoLast modified
2021-11-03T20:15:39.530
3 years ago