CVE-2023-40529

CVSS 3.1 Score 2.4 of 10 (low)

Details

Published Jan 10, 2024

Updated: Jan 17, 2024

Summary

CVE-2023-40529 is a vulnerability affecting iOS 16 and iPadOS 16. It allows individuals with physical access to the device to exploit the VoiceOver feature and gain unauthorized access to private calendar information. The issue has been resolved in the latest updates, iOS 17, and iPadOS 17, through enhanced redaction of sensitive data. This vulnerability poses a significant risk to privacy and highlights the importance of timely software updates to maintain security.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apple (iPhone OS)
iPadOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sWGhh3
https://www.cve.org/CVERecord?id=CVE-2023-40529
https://nvd.nist.gov/vuln/detail/CVE-2023-40529

Back to Vulnerability Database