CVE-2024-27819

EUVD-2024-25012
The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access may be able to access contacts from the lock screen.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.4 LOW
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CISA-ADPADP
2.4 LOW
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
Affected Products (NVD)
VendorProductVersion
appleipados
𝑥
< 17.5
appleiphone_os
𝑥
< 17.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.apple.com/en-us/HT214101
https://support.apple.com/kb/HT214101
https://support.apple.com/en-us/HT214101
https://support.apple.com/kb/HT214101