CVE-2023-42846

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Oct 25, 2023

Updated: Nov 2, 2023

Summary

CVE-2023-42846 is a vulnerability that allowed devices to be passively tracked through their Wi-Fi MAC addresses. Apple addressed this issue by removing the vulnerable code in watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, tvOS 17.1, iOS 17.1, and iPadOS 17.1. Devices were at risk of being tracked without the user's knowledge or consent. This vulnerability has been mitigated with the release of these updated operating systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ssAfpA
https://www.cve.org/CVERecord?id=CVE-2023-42846
https://nvd.nist.gov/vuln/detail/CVE-2023-42846

Back to Vulnerability Database

CVE-2023-42846

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations