CVE-2023-41988
CVSS 3.1 Score 6.8 of 10 (medium)
Details
Published Oct 25, 2023
Updated: Nov 2, 2023
Summary
CVE-2023-41988 is a vulnerability affecting Apple devices that allowed an attacker with physical access to access sensitive user data through Siri on a locked device. This issue has been resolved in macOS Sonoma 14.1, watchOS 10.1, iOS 17.1, and iPadOS 17.1 by restricting certain options on a locked device. Prior to the patch, an attacker could potentially bypass the lock screen and gain access to personal information using Siri commands. This vulnerability highlights the importance of keeping software up-to-date to protect against potential security threats.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Apple Watch
- WatchOS
- Apple (iPhone OS)
- MacOS
- iPadOS
Affected Vendors
- Apple