{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-27803", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2024-02-26T15:32:28.517Z", "datePublished": "2024-05-13T23:00:49.678Z", "dateUpdated": "2024-08-02T00:41:55.161Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An attacker with physical access may be able to share items from the lock screen"}]}], "affected": [{"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "17.5", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access may be able to share items from the lock screen."}], "references": [{"url": "https://support.apple.com/en-us/HT214101"}, {"url": "http://seclists.org/fulldisclosure/2024/May/10"}, {"url": "https://support.apple.com/kb/HT214101"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2024-05-13T23:00:49.678Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27803", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-14T16:04:14.278783Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:46:44.628Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:41:55.161Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT214101", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/May/10", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214101", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT214101", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/May/10", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214101", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:41:55.161Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27803", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-14T16:04:14.278783Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-14T16:05:00.909Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"affected": [{"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "17.5", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/HT214101"}, {"url": "http://seclists.org/fulldisclosure/2024/May/10"}, {"url": "https://support.apple.com/kb/HT214101"}], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access may be able to share items from the lock screen."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An attacker with physical access may be able to share items from the lock screen"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2024-05-13T23:00:49.678Z"}}}, "cveMetadata": {"cveId": "CVE-2024-27803", "state": "PUBLISHED", "dateUpdated": "2024-08-02T00:41:55.161Z", "dateReserved": "2024-02-26T15:32:28.517Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2024-05-13T23:00:49.678Z", "assignerShortName": "apple"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7F2E11C-4A7D-4E71-BFAA-396B0549F649", "versionEndExcluding": "17.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9C4B45E-AF58-4D7C-B73A-618B06AED56E", "versionEndExcluding": "17.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access may be able to share items from the lock screen."}, {"lang": "es", "value": "Se solucion\u00f3 un problema de permisos con una validaci\u00f3n mejorada. Este problema se solucion\u00f3 en iOS 17.5 y iPadOS 17.5. Un atacante con acceso f\u00edsico puede compartir elementos desde la pantalla de bloqueo."}], "id": "CVE-2024-27803", "lastModified": "2024-12-09T19:19:52.583", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 2.4, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 1.4, "source": "[email protected]", "type": "Primary"}]}, "published": "2024-05-14T15:13:03.823", "references": [{"source": "[email protected]", "tags": ["Mailing List"], "url": "http://seclists.org/fulldisclosure/2024/May/10"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214101"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/kb/HT214101"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://seclists.org/fulldisclosure/2024/May/10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214101"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/kb/HT214101"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "[email protected]", "type": "Primary"}]}

{}