Published: 23/06/2023 Updated: 06/09/2023

CVSS v3 Base Score: 2.4 | Impact Score: 1.4 | Exploitability Score: 0.9

VMScore: 0

This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 9.5. An attacker with physical access to a locked Apple Watch may be able to view user photos or contacts via accessibility features.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple watchos

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page Apple security documents reference vulnerabilities by CVE-ID&nbsp ...

Apple warns of three WebKit vulns under active exploitation, dozens more CVEs across its range

The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources High school student and Amnesty International named among bug-finders

Apple has issued a bushel of security updates and warned that three of the flaws it's fixed are under active attack. The three are CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373, all of which impact the WebKit browser engine that Apple champions and employs in its Safari browser – and demands be used by other browsers on iOS. CVE-2023-32409 means "A remote attacker may be able to break out of Web Content sandbox." Clément Lecigne of Google's Threat Analysis Group and Donncha Ó Cearbhaill...

CVE-2023-32417

Vulnerability Summary

Vendor Advisories

Recent Articles

References

Vulmon Search

About

Products

Connect