Improper access control for some Intel Unison software may allow a privileged user to potentially enable escalation of privilege via network access.

Improper input validation for some Intel Unison software may allow an unauthenticated user to potentially enable denial of service via network access.

Uncaught exception for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncaught exception for some Intel Unison software may allow an authenticated user to potentially enable denial of service via network access.

Improper access control for some Intel Unison software may allow an unauthenticated user to potentially enable denial of service via network access.

Insertion of sensitive information into log file for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.

Exposure of sensitive information to an unauthorized actor for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.

Improper Initialization for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.

Insufficient control flow management for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.

Incomplete cleanup for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.

Improper input validation for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper initialization for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.

Exposure of sensitive system information due to uncleared debug information for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.

Incomplete cleanup for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.

This issue was addressed by removing the vulnerable code. This issue is fixed in watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, tvOS 17.1, iOS 17.1 and iPadOS 17.1. A device may be passively tracked by its Wi-Fi MAC address.

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges.

This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.