CVE-2023-42897

Published: Dec 12, 2023Modified: Nov 4, 2025

4.6

Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 0.9 / Impact: 3.6

Source: NVD

Description

The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An attacker with physical access may be able to use Siri to access sensitive user data.

Affected (2)

Products: Apple: Ipados, Iphone Os

Apple

2 products

Ipados

Iphone Os

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Apple Ipados	From 17.0 to 17.2
Apple Iphone Os	From 17.0 to 17.2

References (5)

http://seclists.org/fulldisclosure/2023/Dec/7

Source: product-security@apple.com

Third Party Advisory

https://support.apple.com/en-us/HT214035

Source: product-security@apple.com

Release NotesVendor Advisory

http://seclists.org/fulldisclosure/2023/Dec/7

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://support.apple.com/en-us/HT214035

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/kb/HT214035

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.