CVE-2023-40418

An authentication issue was addressed with improved state management. This issue is fixed in watchOS 10. An Apple Watch Ultra may not lock when using the Depth app.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
appleCNA
---
---
CVEADP
---
---
CISA-ADPADP
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
VendorProductVersion
applewatchos
𝑥
< 10.0
𝑥
= Vulnerable software versions
References
http://seclists.org/fulldisclosure/2023/Oct/9
https://support.apple.com/en-us/HT213937
http://seclists.org/fulldisclosure/2023/Oct/9
https://support.apple.com/en-us/HT213937