PT-2013-5098 · Apple · iOS

Andreas Kurtz +1 · Published 2013-06-18 · Updated 2013-10-25 · CVE-2013-4616

CVSS v2.0: 5.8 (Medium)

Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions

Apple iOS versions prior to 7

Description

The issue concerns the generation of default Wi-Fi passwords in Apple iOS. Specifically, the WifiPasswordController generateDefaultPassword method relies on the UITextChecker suggestWordInLanguage method for selecting Wi-Fi hotspot WPA2 PSK passphrases. This approach results in an insufficient number of possible passphrases, making it easier for remote attackers to obtain access via a brute-force attack.

Recommendations

For Apple iOS versions prior to 7, consider changing the default Wi-Fi password to a stronger, manually generated passphrase to minimize the risk of exploitation. As a temporary workaround, restrict access to sensitive data and networks until a secure password can be set.

Fix

Weakness Enumeration

Related Identifiers

CVE-2013-4616

Affected Products

iOS