Lucene search

AppleVULNRICHMENT:CVE-2024-40813

HistoryJul 29, 2024 - 10:17 p.m.

CVE-2024-40813

2024-07-2922:17:18

apple

github.com

lock screen

vulnerability

watchos

ios

ipados

AI Score

5.1

Confidence

Low

EPSS

0.001

Percentile

21.4%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

A lock screen issue was addressed with improved state management. This issue is fixed in watchOS 10.6, iOS 17.6 and iPadOS 17.6. An attacker with physical access may be able to use Siri to access sensitive user data.

CNA Affected

[
  {
    "vendor": "Apple",
    "product": "iOS and iPadOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "17.6",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "watchOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "10.6",
        "versionType": "custom"
      }
    ]
  }
]

References

seclists.org/fulldisclosure/2024/Jul/16

seclists.org/fulldisclosure/2024/Jul/21

support.apple.com/en-us/HT214117

support.apple.com/en-us/HT214124