CVE-2024-54470

Summary

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. An attacker with physical access may be able to access contacts from the lock screen.

Affected Software

VendorProductVersion RangeStatus
AppleiOS and iPadOS0 < 17.7.1affected
AppleiOS and iPadOS0 < 18.1affected

Weaknesses

  • An attacker with physical access may be able to access contacts from the lock screen

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References