Description


An authorization issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8, tvOS 15. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup.

Related CPE's


Vulnerable

Vulnerable

Vulnerable

Vulnerable

References


http://seclists.org/fulldisclosure/2021/Oct/61

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2021/Oct/62

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2021/Oct/63

Mailing ListThird Party Advisory

https://support.apple.com/en-us/HT212814

Release NotesVendor Advisory

https://support.apple.com/en-us/HT212815

Release NotesVendor Advisory

https://support.apple.com/en-us/HT212819

Release NotesVendor Advisory

Weaknesses



CWE-862

CVSS impact metrics


CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

4.3 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information


Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-10-19T14:15:08.370

3 years ago

Last modified

2021-11-03T20:15:39.530

3 years ago