Lucene search

AppleVULNRICHMENT:CVE-2024-40852

HistorySep 16, 2024 - 11:23 p.m.

CVE-2024-40852

2024-09-1623:23:22

apple

github.com

restriction

locked device

ios 18

ipados 18

unauthorized access

recent photos

assistive access

AI Score

6.2

Confidence

Low

SSVC

Exploitation

none

Automatable

yes

Technical Impact

partial

JSON

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to see recent photos without authentication in Assistive Access.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:o:apple:ios_and_ipados:*:*:*:*:*:*:*:*"
    ],
    "vendor": "apple",
    "product": "ios_and_ipados",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "18",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

support.apple.com/en-us/121250