CVE-2023-28182

Published: May 8, 2023

Modified: Jan 29, 2025

PUBLISHED

Description

The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device.

Vendor	Product	Versions
Apple	macOS	affected `unspecified - < 13.3`
Apple	iOS and iPadOS	affected `unspecified - < 16.4`
Apple	macOS	affected `unspecified - < 12.6`
Apple	macOS	affected `unspecified - < 11.7`
Apple	iOS and iPadOS	affected `unspecified - < 15.7`

References

https://support.apple.com/en-us/HT213670

https://support.apple.com/en-us/HT213676

https://support.apple.com/en-us/HT213677

https://support.apple.com/en-us/HT213675

https://support.apple.com/en-us/HT213673

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-28182

Description

Affected Products

References