CVE-2018-4339: Medium severity apple ios and ipados vulnerability
Published Oct 30, 2018
·Updated
Bluetooth. This issue was addressed with a new entitlement.
Other sources
This issue was addressed with a new entitlement. This issue is fixed in iOS 12.1. A local user may be able to read a persistent device identifier.
Credit
Michael Thomas@@NSBiscuit
Affected Software
2 affected componentsFixes available
Apple iOS and iPadOS<12.1
12.1
iPhone OS<12.1
Event History
Oct 27, 2020
CVE Published
via MITRE·07:18 PM
Data Sourced
via MITRE·07:18 PM
DescriptionWeakness
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2018-4384
- CVE-2018-4339
- CVE-2018-4365
- CVE-2018-4398
- CVE-2018-4366
- CVE-2018-4367
- CVE-2018-4394
- CVE-2018-4427
- CVE-2018-4371
- CVE-2018-4420
- CVE-2018-4413
- CVE-2018-4419
- CVE-2018-4381
- CVE-2018-4390
- CVE-2018-4391
- CVE-2018-4369
- CVE-2018-4388
- CVE-2018-4374
- CVE-2018-4377
- CVE-2018-4400
- CVE-2018-4387
- CVE-2018-4385
- CVE-2018-4372
- CVE-2018-4373
- CVE-2018-4375
- CVE-2018-4376
- CVE-2018-4382
- CVE-2018-4386
- CVE-2018-4392
- CVE-2018-4416
- CVE-2018-4409
- CVE-2018-4378
- CVE-2018-4368
Frequently Asked Questions
1
What is CVE-2018-4339?
CVE-2018-4339 is a vulnerability in iOS that allows a local user to read a persistent device identifier.
2
How was CVE-2018-4339 addressed?
CVE-2018-4339 was addressed with a new entitlement in iOS 12.1.
3
What is the severity of CVE-2018-4339?
The severity of CVE-2018-4339 is medium with a CVSS score of 5.5.
4
Which software versions are affected by CVE-2018-4339?
iOS versions up to but not including 12.1 are affected by CVE-2018-4339.
5
Where can I find more information about CVE-2018-4339?
You can find more information about CVE-2018-4339 on the official Apple support page: https://support.apple.com/en-us/HT209192.