First published: Mon May 13 2019(Updated: )
Wi-Fi. A user privacy issue was addressed by removing the broadcast MAC address.
Credit: David Kreitschmann Milan Stute Secure Mobile Networking Lab at Technische UniversitDavid Kreitschmann Milan Stute Secure Mobile Networking Lab at Technische UniversitDavid Kreitschmann Milan Stute Secure Mobile Networking Lab at Technische Universit product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iPhone OS | <12.3 | |
Apple tvOS | <12.3 | |
Apple watchOS | <5.2.1 | |
Apple watchOS | <5.2.1 | 5.2.1 |
Apple iOS | <12.3 | 12.3 |
Apple tvOS | <12.3 | 12.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The vulnerability ID is CVE-2019-8620.
The severity of CVE-2019-8620 is high with a CVSS score of 7.5.
CVE-2019-8620 is a user privacy issue that was addressed by removing the broadcast MAC address. A device may be passively tracked by its WiFi MAC address.
iOS versions up to but excluding 12.3, tvOS versions up to but excluding 12.3, and watchOS versions up to but excluding 5.2.1 are affected by CVE-2019-8620.
Update your device's iOS, tvOS, or watchOS software to version 12.3, 12.3, or 5.2.1 respectively.