Lucene search

AppleCVE-2024-27814

HistoryJun 10, 2024 - 9:15 p.m.

CVE-2024-27814

2024-06-1021:15:50

apple

web.nvd.nist.gov

cve-2024-27814

device access

contact information

CVSS3

2.4

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.5

Confidence

Low

EPSS

Percentile

12.9%

JSON

This issue was addressed through improved state management. This issue is fixed in watchOS 10.5. A person with physical access to a device may be able to view contact information from the lock screen.

Affected configurations

Nvd

Vulners

Node

applewatchosRange<10.5

VendorProductVersionCPE
applewatchos*cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	watchos	*	cpe:2.3:o:apple:watchos::::::::

CNA Affected

[
  {
    "vendor": "Apple",
    "product": "watchOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "10.5",
        "versionType": "custom"
      }
    ]
  }
]

References

support.apple.com/en-us/HT214104

support.apple.com/kb/HT214104

CVSS3

2.4

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.5

Confidence

Low

EPSS

Percentile

12.9%

JSON

Related for CVE-2024-27814