CVE-2024-40840

MEDIUM

4.6

Beschreibung

This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to use Siri to access sensitive user data.

CVE Details

CVSS v3.1 Bewertung4.6

SchweregradMEDIUM

CVSS VektorCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AngriffsvektorPHYSICAL

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht9/17/2024

Zuletzt geandert11/4/2025

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

apple:ipadosapple:iphone_os

Referenzen

https://support.apple.com/en-us/121250(product-security@apple.com)

http://seclists.org/fulldisclosure/2024/Sep/32(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.