Description
This issue was addressed through improved state management. This issue is fixed in Xcode 16, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. An app may gain unauthorized access to Bluetooth.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None
Affected products
- Apple / iOS and iPadOS0 – 18
- Apple / iOS and iPadOS0 – 17.7
- Apple / macOS0 – 15
- Apple / tvOS0 – 18
- Apple / visionOS0 – 2
- Apple / watchOS0 – 11
- Apple / Xcode0 – 16
References
- VENDOR_ADVISORYhttps://support.apple.com/en-us/121238
- VENDOR_ADVISORYhttps://support.apple.com/en-us/121239
- VENDOR_ADVISORYhttps://support.apple.com/en-us/121240
- VENDOR_ADVISORYhttps://support.apple.com/en-us/121246
- VENDOR_ADVISORYhttps://support.apple.com/en-us/121248
- VENDOR_ADVISORYhttps://support.apple.com/en-us/121249
- VENDOR_ADVISORYhttps://support.apple.com/en-us/121250