CVE-2024-40822

LOW Year: 2024
CVSS v3 Score
2.4
Low
Weakness Type
CWE-284
View all →

Vulnerability Description

This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, iOS 16.7.9 and iPadOS 16.7.9. An attacker with physical access to a device may be able to access contacts from the lock screen.

Related Vulnerabilities

CVE-2019-5452

LOW
CVSS:2.4(Low)

Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved.

CWE-2842019

CVE-2021-25340

LOW
CVSS:2.4(Low)

Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows physically proximate attackers to change in arbitrary settings during Initialization State.

CWE-2842021

CVE-2022-33706

LOW
CVSS:2.4(Low)

Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical attackers to access the pictures using S Pen air gesture.

CWE-2842022

CVE-2022-33720

LOW
CVSS:2.4(Low)

Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut.

CWE-2842022

CVE-2023-21438

LOW
CVSS:2.4(Low)

Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder.

CWE-2842023

CVE-2024-27803

LOW
CVSS:2.4(Low)

A permissions issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access may be able to share items from the lock screen.

CWE-2842024