PT-2024-29097 · Apple · Ipados+2
Abhay Kailasia
+1
·
Published
2024-09-16
·
Updated
2024-09-25
·
CVE-2024-40840
CVSS v3.1
4.6
Medium
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
iOS versions prior to 18
iPadOS versions prior to 18
Description
This issue was addressed through improved state management. An attacker with physical access may be able to use Siri to access sensitive user data.
Recommendations
For iOS versions prior to 18, update to iOS 18 to resolve the issue.
For iPadOS versions prior to 18, update to iPadOS 18 to resolve the issue.
As a temporary workaround, consider restricting access to Siri until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Siri
Ios
Ipados