CVE-2023-42846

Name of the Vulnerable Software and Affected Versions watchOS versions prior to 10.1 iOS versions prior to 16.7.2 and prior to 17.1 iPadOS versions prior to 16.7.2 and prior to 17.1 tvOS versions prior to 17.1

Description The issue is related to the mDNSResponder component in Apple operating systems, which lacks protection for service data. This allows a remote attacker to passively track a device by its Wi-Fi MAC address. The problem arose due to an error in the mDNSResponder process, related to the Bonjour network protocol. A device may be passively tracked by its Wi-Fi MAC address.

Recommendations For watchOS versions prior to 10.1, update to watchOS 10.1 to fix the issue. For iOS versions prior to 16.7.2, update to iOS 16.7.2 to fix the issue. For iOS versions prior to 17.1, update to iOS 17.1 to fix the issue. For iPadOS versions prior to 16.7.2, update to iPadOS 16.7.2 to fix the issue. For iPadOS versions prior to 17.1, update to iPadOS 17.1 to fix the issue. For tvOS versions prior to 17.1, update to tvOS 17.1 to fix the issue.