exploitDog

CVE-2024-40840

Опубликовано: 17 сент. 2024

Источник: nvd

CVSS3: 4.6

EPSS Низкий

Описание

This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to use Siri to access sensitive user data.

Ссылки

https://support.apple.com/en-us/121250
Release Notes
Vendor Advisory
http://seclists.org/fulldisclosure/2024/Sep/32

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

Версия до 18.0 (исключая)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Версия до 18.0 (исключая)

EPSS

Процентиль: 20%

0.00065

Низкий

4.6 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-9mpj-7whj-6m8h

CVSS3: 4.6

github

больше 1 года назад

This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to use Siri to access sensitive user data.

EPSS

Процентиль: 20%

0.00065

Низкий

4.6 Medium

CVSS3

Дефекты

NVD-CWE-noinfo