Srijan Poudel

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 18.1 iPadOS versions prior to 18.1 **Description** The issue allows an attacker with physical access to potentially access contact photos from the lock screen. This is possible due to insufficient restrictions on options offered on a locked device. **Recommendations** For iOS versions prior to 18.1, update to iOS 18.1 or later to resolve the issue. For iPadOS versions prior to 18.1, update to iPadOS 18.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 18 iPadOS versions prior to 18 **Description** The issue allows an attacker with physical access to potentially access contacts from the lock screen. This is achieved through a lock screen vulnerability. **Recommendations** For iOS versions prior to 18, update to iOS 18 to resolve the issue. For iPadOS versions prior to 18, update to iPadOS 18 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 16.7.9 Apple iPadOS versions prior to 16.7.9 Apple macOS Ventura versions prior to 13.6.8 Apple iOS versions prior to 17.6 Apple iPadOS versions prior to 17.6 Apple watchOS versions prior to 10.6 Apple macOS Sonoma versions prior to 14.6 **Description** This issue allows an attacker with physical access to potentially use Siri to access sensitive user data by exploiting options available on a locked device. The issue was addressed by restricting these options. **Recommendations** For Apple iOS versions prior to 16.7.9, update to iOS 16.7.9 or later. For Apple iPadOS versions prior to 16.7.9, update to iPadOS 16.7.9 or later. For Apple macOS Ventura versions prior to 13.6.8, update to macOS Ventura 13.6.8 or later. For Apple iOS versions prior to 17.6, update to iOS 17.6 or later. For Apple iPadOS versions prior to 17.6, update to iPadOS 17.6 or later. For Apple watchOS versions prior to 10.6, update to watchOS 10.6 or later. For Apple macOS Sonoma versions prior to 14.6, update to macOS Sonoma 14.6 or later.

**Name of the Vulnerable Software and Affected Versions** watchOS versions prior to 10.6 macOS Sonoma versions prior to 14.6 iOS versions prior to 17.6 iPadOS versions prior to 17.6 iOS versions prior to 16.7.9 iPadOS versions prior to 16.7.9 **Description** The issue allows an attacker with physical access to a device to access contacts from the lock screen. This is achieved by exploiting options offered on a locked device. **Recommendations** For watchOS versions prior to 10.6, update to watchOS 10.6 to resolve the issue. For macOS Sonoma versions prior to 14.6, update to macOS Sonoma 14.6 to resolve the issue. For iOS versions prior to 17.6, update to iOS 17.6 to resolve the issue. For iPadOS versions prior to 17.6, update to iPadOS 17.6 to resolve the issue. For iOS versions prior to 16.7.9, update to iOS 16.7.9 to resolve the issue. For iPadOS versions prior to 16.7.9, update to iPadOS 16.7.9 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 17.5 iPadOS versions prior to 17.5 Description: The issue allows an attacker with physical access to potentially access contacts from the lock screen due to a lack of protection for certain data. This is related to the Siri personal assistant in iPadOS and iOS operating systems. Recommendations: For iOS versions prior to 17.5, update to iOS 17.5 to resolve the issue. For iPadOS versions prior to 17.5, update to iPadOS 17.5 to resolve the issue. As a temporary workaround, consider restricting access to the lock screen to minimize the risk of exploitation.