CVE-2014-1351

Published: Jul 1, 2014Modified: May 6, 2026

3.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:N

Exploitability: 3.9 / Impact: 4.9

Source: NVD

Description

Siri in Apple iOS before 7.1.2 allows physically proximate attackers to bypass an intended lock-screen passcode requirement, and read a contact list, via a Siri request that refers to a contact ambiguously.

Affected (9)

Products: Apple: Iphone Os

Apple

1 product

Iphone Os

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Apple Iphone Os	Up to 7.1.1
Apple Iphone Os	Version 7.0.1
Apple Iphone Os	Version 7.0.2
Apple Iphone Os	Version 7.0.3
Apple Iphone Os	Version 7.0.4
Apple Iphone Os	Version 7.0.5
Apple Iphone Os	Version 7.0.6
Apple Iphone Os	Version 7.0
Apple Iphone Os	Version 7.1

Related CWEs

CWE-264

References (6)

http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html

Source: product-security@apple.com

http://www.securityfocus.com/bid/68276

Source: product-security@apple.com

http://www.securitytracker.com/id/1030500

Source: product-security@apple.com

http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/68276

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1030500

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.