CVE-2024-27835

EPSS 0.14%
Veröffentlicht 14.05.2024 15:13:07
Zuletzt bearbeitet 02.04.2026 19:17:28
Quelle product-security@apple.com
CVE-Watchlists
Login
Unerledigt
Login

This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to an iOS device may be able to access notes from the lock screen.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

NVD 2 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ iPadOS Version < 17.5

Apple ≫ iPhone OS Version < 17.5

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.14%	0.337

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.4	0.9	1.4	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	2.4	0.9	1.4	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://seclists.org/fulldisclosure/2024/May/10

Mailing List

https://support.apple.com/kb/HT214101

Vendor Advisory

https://support.apple.com/en-us/HT214101

Vendor Advisory

https://support.apple.com/en-us/120905

https://nvd.nist.gov/vuln/detail/CVE-2024-27835

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-27835

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-27835

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-27835