PT-2018-16507 · Apple · Ios+1

Hunter Byrnes

Published

2018-06-08

Updated

2018-07-17

CVE-2018-4252

CVSS v3.1

4.6

Medium

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions iOS versions prior to 11.4

Description The issue involves the Siri component and allows physically proximate attackers to bypass the lock-screen protection mechanism, obtaining private notification content via Siri.

Recommendations For iOS versions prior to 11.4, update to version 11.4 or later to resolve the issue. As a temporary workaround, consider disabling the Siri feature when the device is locked to minimize the risk of exploitation.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2018-4252

Affected Products

Siri

Ios

PT-2018-16507 · Apple · Ios+1

CVE-2018-4252

Weakness Enumeration

Related Identifiers

Affected Products

References · 4