This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. An attacker in a privileged network position may be able to intercept network traffic.
The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ipados | Apple | * | 18.5 (excluding) |
Iphone_os | Apple | * | 18.5 (excluding) |