CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
26.0%
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, iOS 17.6 and iPadOS 17.6, watchOS 10.6, macOS Sonoma 14.6. An attacker with physical access may be able to use Siri to access sensitive user data.
seclists.org/fulldisclosure/2024/Jul/16
seclists.org/fulldisclosure/2024/Jul/17
seclists.org/fulldisclosure/2024/Jul/18
seclists.org/fulldisclosure/2024/Jul/19
seclists.org/fulldisclosure/2024/Jul/21
support.apple.com/en-us/HT214116
support.apple.com/en-us/HT214117
support.apple.com/en-us/HT214119
support.apple.com/en-us/HT214120
support.apple.com/en-us/HT214124