CVE-2012-3725Sensitive Information Exposure in Apple Iphone OS

CWE-200Sensitive Information Exposure2 documents2 sources
Severity
3.3LOWNVD
EPSS
0.1%
top 65.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Iphone OS
Timeline
PublishedSep 20
Latest updateMay 17

Description

The DNAv4 protocol implementation in the DHCP component in Apple iOS before 6 sends Wi-Fi packets containing a MAC address of a host on a previously used network, which might allow remote attackers to obtain sensitive information about previous device locations by sniffing an unencrypted Wi-Fi network for these packets.

CVSS vector

AV:A/AC:L/C:P/I:N/A:NExploitability: 6.5 | Impact: 2.9

Affected Packages1 packages

NVDapple/iphone_os5.1.1+39

🔴Vulnerability Details

1
GHSA
GHSA-72c4-8fq6-q36h: The DNAv4 protocol implementation in the DHCP component in Apple iOS before 6 sends Wi-Fi packets containing a MAC address of a host on a previously u2022-05-17
CVE-2012-3725 — Sensitive Information Exposure in Apple | cvebase