PT-2024-4832 · Apple · Ipados+1

Srijan Poudel

Published

2024-05-13

Updated

2024-07-03

CVE-2024-27819

CVSS v3.1

2.4

Low

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 17.5 iPadOS versions prior to 17.5

Description: The issue allows an attacker with physical access to potentially access contacts from the lock screen due to a lack of protection for certain data. This is related to the Siri personal assistant in iPadOS and iOS operating systems.

Recommendations: For iOS versions prior to 17.5, update to iOS 17.5 to resolve the issue. For iPadOS versions prior to 17.5, update to iPadOS 17.5 to resolve the issue. As a temporary workaround, consider restricting access to the lock screen to minimize the risk of exploitation.

Fix

Improper Access Control

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-200

Related Identifiers

BDU:2024-05356

CVE-2024-27819

Affected Products

Ios

Ipados

PT-2024-4832 · Apple · Ipados+1

CVE-2024-27819

Weakness Enumeration

Related Identifiers

Affected Products

References · 10