CVE-2021-30866Apple IOS AND Ipados vulnerability

5 documents2 sources
Severity
6.5MEDIUMNVD
EPSS
0.1%
top 73.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Apple IOS AND IpadosApple TvosApple Watchos+6 more
Timeline
PublishedAug 24
Latest updateOct 25

Description

A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A device may be passively tracked by its WiFi MAC address.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages12 packages

CVEListV5apple/tvosunspecified15
NVDapple/tvos< 15.0
NVDapple/ipados< 15.0
CVEListV5apple/watchosunspecified8
NVDapple/watchos< 8.0

📋Vendor Advisories

4
Apple
CVE-2021-30866: macOS Monterey 12.0.12021-10-25
Apple
CVE-2021-30866: iOS 15 and iPadOS 152021-09-20
Apple
CVE-2021-30866: tvOS 152021-09-20
Apple
CVE-2021-30866: watchOS 82021-09-20