CVE-2024-40852

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to see recent photos without authentication in Assistive Access.
References
Link Resource
https://support.apple.com/en-us/121250 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

History

19 Mar 2025, 18:15

Type Values Removed Values Added
CWE CWE-862

12 Dec 2024, 15:28

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.5
v2 : unknown
v3 : 5.3
CPE cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
CWE NVD-CWE-noinfo
First Time Apple
Apple ipados
Apple iphone Os
References () https://support.apple.com/en-us/121250 - () https://support.apple.com/en-us/121250 - Vendor Advisory

Information

Published : 2024-09-17 00:15

Updated : 2025-03-19 18:15


NVD link : CVE-2024-40852

Mitre link : CVE-2024-40852

CVE.ORG link : CVE-2024-40852


JSON object : View

Products Affected

apple

  • iphone_os
  • ipados
CWE
NVD-CWE-noinfo CWE-862

Missing Authorization