CVE-2023-42846
N/A
N/A
Summary
This issue was addressed by removing the vulnerable code. This issue is fixed in watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, tvOS 17.1, iOS 17.1 and iPadOS 17.1. A device may be passively tracked by its Wi-Fi MAC address.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Apple | iOS and iPadOS | unspecified < 16.7 | affected |
| Apple | tvOS | unspecified < 17.1 | affected |
| Apple | watchOS | unspecified < 10.1 | affected |
| Apple | iOS and iPadOS | unspecified < 17.1 | affected |
Weaknesses
- A device may be passively tracked by its Wi-Fi MAC address
ADP Enrichment
CVE Program Container
Additional References
- https://support.apple.com/en-us/HT213981
- https://support.apple.com/en-us/HT213987
- https://support.apple.com/en-us/HT213988
- https://support.apple.com/en-us/HT213982
- https://support.apple.com/kb/HT213982
- https://support.apple.com/kb/HT213987
- https://support.apple.com/kb/HT213988
- https://support.apple.com/kb/HT213981
- http://seclists.org/fulldisclosure/2023/Oct/23
- http://seclists.org/fulldisclosure/2023/Oct/22
- http://seclists.org/fulldisclosure/2023/Oct/19
- http://seclists.org/fulldisclosure/2023/Oct/25
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
- https://support.apple.com/en-us/HT213981
- https://support.apple.com/en-us/HT213987
- https://support.apple.com/en-us/HT213988
- https://support.apple.com/en-us/HT213982
- https://support.apple.com/kb/HT213982
- https://support.apple.com/kb/HT213987
- https://support.apple.com/kb/HT213988
- https://support.apple.com/kb/HT213981
- http://seclists.org/fulldisclosure/2023/Oct/23
- http://seclists.org/fulldisclosure/2023/Oct/22
- http://seclists.org/fulldisclosure/2023/Oct/19
- http://seclists.org/fulldisclosure/2023/Oct/25
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.