This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to see recent photos without authentication in Assistive Access.
References
History

Thu, 12 Dec 2024 15:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple ipados
Apple iphone Os
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Vendors & Products Apple ipados
Apple iphone Os

Tue, 17 Sep 2024 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ios And Ipados
CPEs cpe:2.3:o:apple:ios_and_ipados:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple ios And Ipados
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 16 Sep 2024 23:30:00 +0000

Type Values Removed Values Added
Description This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to see recent photos without authentication in Assistive Access.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-09-16T23:23:22.334Z

Updated: 2024-09-17T13:24:52.292Z

Reserved: 2024-07-10T17:11:04.710Z

Link: CVE-2024-40852

cve-icon Vulnrichment

Updated: 2024-09-17T13:24:31.486Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-17T00:15:49.440

Modified: 2024-12-12T15:28:11.783

Link: CVE-2024-40852

cve-icon Redhat

No data.