Videosdebarraquito

**Nome do software vulnerável e versões afetadas** Versões do iOS anteriores à 15.4 Versões do iPadOS anteriores à 15.4 **Descrição** Foi corrigido um problema de autenticação por meio de um gerenciamento de estado aprimorado, o que permitia que uma pessoa com acesso físico a um dispositivo iOS pudesse, potencialmente, acessar fotos a partir da tela de bloqueio. **Recomendações** Para versões do iOS anteriores à 15.4, atualize para o iOS 15.4 ou posterior para resolver o problema. Para versões do iPadOS anteriores à 15.4, atualize para o iPadOS 15.4 ou posterior para resolver o problema.

**Nome do software vulnerável e versões afetadas: Versões do iOS anteriores à 14.5 Versões do iPadOS anteriores à 14.5 Descrição: Uma pessoa com acesso físico a um dispositivo iOS pode conseguir acessar notas a partir da tela de bloqueio. Esse problema foi resolvido com verificações aprimoradas. Recomendações: Para versões do iOS anteriores à 14.5, atualize para o iOS 14.5 ou posterior. Para versões do iPadOS anteriores à 14.5, atualize para o iPadOS 14.5 ou posterior.

**Nome do software vulnerável e versões afetadas** Versões do iOS anteriores à 14.8.1 Versões do iOS anteriores à 15.0.1 Versões do iPadOS anteriores à 14.8.1 Versões do iPadOS anteriores à 15.0.1 **Descrição** Um problema na tela de bloqueio foi corrigido com um gerenciamento de estado aprimorado, o que poderia permitir que um usuário visualizasse conteúdo restrito a partir da tela de bloqueio. **Recomendações** Para versões do iOS anteriores à 14.8.1, atualize para o iOS 14.8.1 ou posterior. Para versões do iOS anteriores à 15.0.1, atualize para o iOS 15.0.1 ou posterior. Para versões do iPadOS anteriores à 14.8.1, atualize para o iPadOS 14.8.1 ou posterior. Para versões do iPadOS anteriores à 15.0.1, atualize para o iPadOS 15.0.1 ou posterior.

**Nome do software vulnerável e versões afetadas** Versões do iOS anteriores à 12.1.1 **Descrição** Um problema na tela de bloqueio permitia o acesso à função de compartilhamento em um dispositivo bloqueado, possibilitando que um invasor local compartilhasse itens diretamente da tela de bloqueio. Esse problema foi resolvido com a restrição das opções disponíveis em um dispositivo bloqueado. **Recomendações** Para versões do iOS anteriores à 12.1.1, atualize para o iOS 12.1.1 para resolver o problema. Como solução temporária, considere restringir o acesso à função de compartilhamento em dispositivos bloqueados até que a atualização seja aplicada.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 13.1 iPadOS versions prior to 13.1 **Description** A person with physical access to an iOS device may be able to access contacts from the lock screen. The issue was addressed by restricting options offered on a locked device. **Recommendations** For iOS versions prior to 13.1, update to iOS 13.1 or later. For iPadOS versions prior to 13.1, update to iPadOS 13.1 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 13 **Description** The issue allows a person with physical access to an iOS device to access contacts from the lock screen. This was addressed by restricting options offered on a locked device. **Recommendations** For iOS versions prior to 13, update to iOS 13 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 12.1 Description: A lock screen issue allowed unauthorized access to the share function on a locked device. The issue was addressed by restricting options offered on a locked device. Recommendations: For versions prior to iOS 12.1, update to iOS 12.1 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 12.0.1 Description: A lock screen issue allowed unauthorized access to the share function on a locked device. The issue was addressed by restricting options offered on a locked device. Recommendations: For versions prior to iOS 12.0.1, update to iOS 12.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the share function on locked devices until the update is applied.

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 12.0.1 Description: A lock screen issue allowed unauthorized access to photos and contacts on a locked device. The issue was addressed by restricting options offered on a locked device. Recommendations: For versions prior to iOS 12.0.1, update to iOS 12.0.1 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 12.1 Description: A lock screen issue allowed unauthorized access to photos via the Reply With Message feature on a locked device. This was addressed with improved state management. Recommendations: For versions prior to iOS 12.1, update to iOS 12.1 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 12.1.1 Description: A lock screen issue allowed unauthorized access to contacts on a locked device. This was addressed with improved state management. Recommendations: For versions prior to 12.1.1, update to iOS 12.1.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Safari versions prior to 9.1.1 iOS versions prior to 9.3.2 **Description** The issue is related to the mishandling of browsing history deletion by the "Clear History and Website Data" feature. This might allow a local user to obtain sensitive information by leveraging read access to a Safari directory. The estimated number of potentially affected devices worldwide is not specified. **Recommendations** For Safari versions prior to 9.1.1, update to version 9.1.1 or later to resolve the issue. For iOS versions prior to 9.3.2, update to version 9.3.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 9.3.2 **Description** The issue is related to Siri in Apple iOS, where data detectors within results are not blocked in the lock-screen state. This allows physically proximate attackers to obtain sensitive contact and photo information. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. The technical details of exploitation include the lack of blocking of data detectors in the lock-screen state, which can be used by attackers to gain access to sensitive information. **Recommendations** For Apple iOS versions prior to 9.3.2, update to version 9.3.2 or later to resolve the issue. As a temporary workaround, consider disabling Siri when the device is in the lock-screen state to minimize the risk of exploitation. Restrict access to sensitive contact and photo information to minimize the risk of unauthorized access.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 7.0.2 **Description** The issue concerns a problem with the Passcode Lock feature, where it fails to properly manage the lock state. This allows an attacker with physical access to bypass the passcode requirement. The attacker can then open the Camera app or view the list of recently opened apps by exploiting unspecified transition errors. **Recommendations** For Apple iOS versions prior to 7.0.2, update to version 7.0.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 7 **Description** The issue concerns a race condition in the Passcode Lock feature, allowing physically proximate attackers to bypass the passcode requirement. This is achieved by leveraging a specific scenario involving phone calls and the ejection of a SIM card. **Recommendations** For Apple iOS versions prior to 7, update to version 7 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 6.1.3 **Description** The issue is related to the Passcode Lock implementation, which does not properly manage the lock state. This allows physically proximate attackers to bypass the intended passcode requirement by leveraging an error in the emergency-call feature. **Recommendations** For versions prior to 6.1.3, update to version 6.1.3 or later to resolve the issue.