CVE-2024-40840

Medium

4.6/10

Summary

This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to use Siri to access sensitive user data.

Attack Complexity: LOW
Attack Vector: PHYSICAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

References

Advisory Timeline

Published Sep 17, 2024

CVE-2024-40840

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS