The issue with ATS in Apple’s macOS and iOS

By Will Brattain Trail of Bits is publicly disclosing a vulnerability (CVE-2023-38596) that affects iOS versions 10 and later and macOS versions 10.12 and later. The flaw resides in Apple’s App Transport Security (ATS) protocol handling. We discovered that Apple’s ATS fails to require the encryption of connections to IP addresses and *.local hostnames, which […]

The post The issue with ATS in Apple’s macOS and iOS appeared first on Security Boulevard.

addresses app apple bits connections cve encryption flaw handling ios ip addresses issue macos protocol security trail of bits transport transport security vulnerability