Milan Stute

**Name of the Vulnerable Software and Affected Versions** macOS Mojave versions prior to 10.14.4 Security Update versions prior to 2019-002 High Sierra Security Update versions prior to 2019-002 Sierra tvOS versions prior to 12.3 watchOS versions prior to 5.2.1 macOS Mojave versions prior to 10.14.5 Security Update versions prior to 2019-003 High Sierra Security Update versions prior to 2019-003 Sierra iOS versions prior to 12.3 **Description** A logic issue was addressed with improved state management. An attacker in a privileged network position can modify driver state. **Recommendations** For macOS Mojave versions prior to 10.14.4, update to macOS Mojave 10.14.4 or later. For Security Update versions prior to 2019-002 High Sierra, apply Security Update 2019-002 or later. For Security Update versions prior to 2019-002 Sierra, apply Security Update 2019-002 or later. For tvOS versions prior to 12.3, update to tvOS 12.3 or later. For watchOS versions prior to 5.2.1, update to watchOS 5.2.1 or later. For macOS Mojave versions prior to 10.14.5, update to macOS Mojave 10.14.5 or later. For Security Update versions prior to 2019-003 High Sierra, apply Security Update 2019-003 or later. For Security Update versions prior to 2019-003 Sierra, apply Security Update 2019-003 or later. For iOS versions prior to 12.3, update to iOS 12.3 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 13.1 iPadOS versions prior to 13.1 macOS versions prior to 10.15 watchOS versions prior to 6 tvOS versions prior to 13 **Description** The issue allows an attacker in physical proximity to passively observe device names in AWDL communications. This is possible due to the way device names are handled. The estimated number of potentially affected devices is not specified. **Recommendations** For iOS versions prior to 13.1, update to iOS 13.1 or later. For iPadOS versions prior to 13.1, update to iPadOS 13.1 or later. For macOS versions prior to 10.15, update to macOS 10.15 or later. For watchOS versions prior to 6, update to watchOS 6 or later. For tvOS versions prior to 13, update to tvOS 13 or later.

**Name of the Vulnerable Software and Affected Versions** macOS Catalina versions prior to 10.15.7 **Description** A file access issue existed with certain home folder files, allowing a malicious application to potentially read sensitive location information. This issue was addressed with improved access restrictions. **Recommendations** For macOS Catalina versions prior to 10.15.7, update to macOS Catalina 10.15.7 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12.2 **Description** A user privacy issue allowed devices to be passively tracked by their WiFi MAC address. This issue has been addressed by removing the broadcast MAC address. **Recommendations** For iOS versions prior to 12.2, update to iOS 12.2 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12.3 tvOS versions prior to 12.3 watchOS versions prior to 5.2.1 **Description** A user privacy issue allowed devices to be passively tracked by their WiFi MAC address. This issue has been addressed by removing the broadcast MAC address. **Recommendations** For iOS versions prior to 12.3, update to iOS 12.3 or later to resolve the issue. For tvOS versions prior to 12.3, update to tvOS 12.3 or later to resolve the issue. For watchOS versions prior to 5.2.1, update to watchOS 5.2.1 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 12.1 macOS Mojave versions prior to 10.14.1 tvOS versions prior to 12.1 watchOS versions prior to 5.1 Description: A denial of service issue was addressed with improved validation. Recommendations: For iOS versions prior to 12.1, update to iOS 12.1 or later. For macOS Mojave versions prior to 10.14.1, update to macOS Mojave 10.14.1 or later. For tvOS versions prior to 12.1, update to tvOS 12.1 or later. For watchOS versions prior to 5.1, update to watchOS 5.1 or later.