CVE-2015-5851

Publication date

2015-09-18 10:00:00

Family

apple

State

PUBLISHED

Description

The convenience initializer in the Multipeer Connectivity component in Apple iOS before 9 does not require an encrypted session, which allows local users to obtain cleartext multipeer data via an encrypted-to-unencrypted downgrade attack.