Vulnerabilities > CVE-2024-23289 - Unspecified vulnerability in Apple products
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
A lock screen issue was addressed with improved state management. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. A person with physical access to a device may be able to use Siri to access private calendar information.
Vulnerable Configurations
References
- http://seclists.org/fulldisclosure/2024/Mar/21
- http://seclists.org/fulldisclosure/2024/Mar/21
- http://seclists.org/fulldisclosure/2024/Mar/24
- http://seclists.org/fulldisclosure/2024/Mar/24
- https://support.apple.com/en-us/HT214081
- https://support.apple.com/en-us/HT214081
- https://support.apple.com/en-us/HT214082
- https://support.apple.com/en-us/HT214082
- https://support.apple.com/en-us/HT214084
- https://support.apple.com/en-us/HT214084
- https://support.apple.com/en-us/HT214088
- https://support.apple.com/en-us/HT214088