CVE-2023-40418

EUVD-2023-44989
An authentication issue was addressed with improved state management. This issue is fixed in watchOS 10. An Apple Watch Ultra may not lock when using the Depth app.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CISA-ADPADP
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 32%
Affected Products (NVD)
VendorProductVersion
applewatchos
𝑥
< 10.0
𝑥
= Vulnerable software versions
References
http://seclists.org/fulldisclosure/2023/Oct/9
https://support.apple.com/en-us/HT213937
http://seclists.org/fulldisclosure/2023/Oct/9
https://support.apple.com/en-us/HT213937
https://support.apple.com/kb/HT213937