CVE-2023-41988

Summary

This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.

Affected Software

VendorProductVersion RangeStatus
ApplemacOSunspecified < 14.1affected
ApplewatchOSunspecified < 10.1affected
AppleiOS and iPadOSunspecified < 17.1affected

Weaknesses

  • An attacker with physical access may be able to use Siri to access sensitive user data

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References