CVE-2015-3778

Name of the Vulnerable Software and Affected Versions Apple iOS versions prior to 8.4.1 Apple OS X versions prior to 10.10.5

Description The issue is related to the bootp component in the operating systems, which lacks protection for service data. This allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broadcast traffic. The exploitation of this issue may enable an attacker to access protected information about device MAC addresses obtained during previous WiFi sessions by analyzing broadcast network requests.

Recommendations For Apple iOS versions prior to 8.4.1, update to version 8.4.1 or later. For Apple OS X versions prior to 10.10.5, update to version 10.10.5 or later.