Description
This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An app may be able to read a persistent device identifier.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
Affected products
- Apple / iOSunspecified – 16
- Apple / watchOSunspecified – 9
References
- VENDOR_ADVISORYhttps://support.apple.com/en-us/HT213446
- VENDOR_ADVISORYhttps://support.apple.com/en-us/HT213486