PT-2019-10935 · Apple · Watchos+2

James Seeley

Published

2019-04-03

Updated

2019-04-05

CVE-2018-4436

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 12.1.1 tvOS versions prior to 12.1.1 watchOS versions prior to 5.1.2

Description: A certificate validation issue existed in configuration profiles, which has been addressed with additional checks.

Recommendations: For iOS versions prior to 12.1.1, update to iOS 12.1.1 or later. For tvOS versions prior to 12.1.1, update to tvOS 12.1.1 or later. For watchOS versions prior to 5.1.2, update to watchOS 5.1.2 or later.

Fix

Improper Certificate Validation

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-295

Related Identifiers

CVE-2018-4436

Affected Products

Ios

Tvos

Watchos

PT-2019-10935 · Apple · Watchos+2

CVE-2018-4436

Weakness Enumeration

Related Identifiers

Affected Products

References · 5