CVE-2015-3782

Name of the Vulnerable Software and Affected Versions Apple iOS versions prior to 8.4.1 Apple OS X versions prior to 10.10.5

Description The issue allows attackers to access an iCloud user record associated with a previous user's login session via a crafted app. This is due to a lack of protection for service data in the CloudKit component of the iOS operating system. Exploitation of this issue may allow a remote attacker to gain access to an iCloud account using a specially formed application.

Recommendations For Apple iOS versions prior to 8.4.1, update to version 8.4.1 or later to resolve the issue. For Apple OS X versions prior to 10.10.5, update to version 10.10.5 or later to resolve the issue.