CVE-2023-28647

Name of the Vulnerable Software and Affected Versions Nextcloud iOS versions prior to 4.7.0

Description The issue affects the Nextcloud iOS application, which is used to interface with the Nextcloud home cloud ecosystem. When an attacker has physical access to an unlocked device, they may enable integration into the iOS Files app, bypassing the Nextcloud pin/password protection and gaining access to a user's files.

Recommendations For versions prior to 4.7.0, upgrade the Nextcloud iOS app to 4.7.0 to resolve the issue. At the moment, there is no information about other workarounds for this vulnerability.