Apple iOS vulnerabilities

CVE-2019-8732 [LOW] CWE-459 CVE-2019-8732: The issue was addressed with improved data deletion. This issue is fixed in iOS 13. Deleted calls re The issue was addressed with improved data deletion. This issue is fixed in iOS 13. Deleted calls remained visible on the device.

CVE-2019-8599 [LOW] CVE-2019-8599: A logic issue was addressed with improved restrictions. This issue is fixed in iOS 12.3. A person wi A logic issue was addressed with improved restrictions. This issue is fixed in iOS 12.3. A person with physical access to an iOS device may be able to see the email address used for iTunes.

CVE-2019-8682 [LOW] CWE-306 CVE-2019-8682: The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A u The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A user may inadvertently complete an in-app purchase while on the lock screen.

CVE-2015-1109 [LOW] CVE-2015-1109: iOS 8.3 Apple Security Update: About the security content of iOS 8.3 Product: iOS Version: 8.3 CVE: CVE-2015-1109 Component: CVE-ID

CVE-2015-1116 [LOW] CVE-2015-1116: iOS 8.3 Apple Security Update: About the security content of iOS 8.3 Product: iOS Version: 8.3 CVE: CVE-2015-1116 Component: CVE-ID

CVE-2020-3828 [LOW] CVE-2020-3828: A lock screen issue allowed access to contacts on a locked device. This issue was addressed with imp A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A person with physical access to an iOS device may be able to access contacts from the lock screen.

CVE-2020-3859 [LOW] CVE-2020-3859: An inconsistent user interface issue was addressed with improved state management. This issue is fix An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A person with physical access to an iOS device may be able to access contacts from the lock screen.

CVE-2019-8775 [LOW] CVE-2019-8775: The issue was addressed by restricting options offered on a locked device. This issue is fixed in iO The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13.1 and iPadOS 13.1. A person with physical access to an iOS device may be able to access contacts from the lock screen.

CVE-2022-32872 [LOW] CWE-284 CVE-2022-32872: A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, iOS 15.7 and A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, iOS 15.7 and iPadOS 15.7. A person with physical access to an iOS device may be able to access photos from the lock screen.

CVE-2018-4123 [LOW] CVE-2018-4123: iOS 11.3 Apple Security Update: About the security content of iOS 11.3 Product: iOS Version: 11.3 CVE: CVE-2018-4123 Component: Clock Impact: A person with physical access to an iOS device may be able to see the email address used for iTunes Description: An information disclosure issue existed in the handling of alarms and timers. This issue was addressed with improved access restrictions.

CVE-2017-7139 [LOW] CVE-2017-7139: iOS 11 Apple Security Update: About the security content of iOS 11 Product: iOS Version: 11 CVE: CVE-2017-7139 Component: Phone Impact: A screenshot of secure content may be taken when locking an iOS device Description: A timing issue existed in the handling of locking. This issue was addressed by disabling screenshots while locking.

CVE-2020-9848 [LOW] CVE-2020-9848: An authorization issue was addressed with improved state management. This issue is fixed in iOS 13.5 An authorization issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5. A person with physical access to an iOS device may be able to view notification contents from the lockscreen.

CVE-2019-8742 [LOW] CVE-2019-8742: The issue was addressed by restricting options offered on a locked device. This issue is fixed in iO The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13. A person with physical access to an iOS device may be able to access contacts from the lock screen.

CVE-2018-4430 [LOW] CVE-2018-4430: iOS 12.1.1 Apple Security Update: About the security content of iOS 12.1.1 Product: iOS Version: 12.1.1 CVE: CVE-2018-4430 Component: FaceTime Impact: A local attacker may be able to view contacts from the lock screen Description: A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management.

CVE-2018-4387 [LOW] CVE-2018-4387: iOS 12.1 Apple Security Update: About the security content of iOS 12.1 Product: iOS Version: 12.1 CVE: CVE-2018-4387 Component: VoiceOver Impact: A local attacker may be able to view photos from the lock screen Description: A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management.

CVE-2020-9959 [LOW] CWE-667 CVE-2020-9959: A lock screen issue allowed access to messages on a locked device. This issue was addressed with imp A lock screen issue allowed access to messages on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 14.0 and iPadOS 14.0. A person with physical access to an iOS device may be able to view notification contents from the lockscreen.

CVE-2020-3891 [LOW] CVE-2020-3891: A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPad A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4, watchOS 6.2. A person with physical access to a locked iOS device may be able to respond to messages even when replies are disabled.

CVE-2018-4325 [LOW] CVE-2018-4325: iOS 12 Apple Security Update: About the security content of iOS 12 Product: iOS Version: 12 CVE: CVE-2018-4325 Component: Status Bar Impact: A person with physical access to an iOS device may be able to determine the last used app from the lock screen Description: A logic issue was addressed with improved restrictions.

CVE-2018-4177 CVE-2018-4177: iOS 11.3 Apple Security Update: About the security content of iOS 11.3 Product: iOS Version: 11.3 CVE: CVE-2018-4177 Impact: An attacker in a privileged network position may be able to spoof password prompts in the Apple TV App Description: An input validation issue was addressed through improved input validation.

CVE-2016-4695 CVE-2016-4695: iOS 10.2 Apple Security Update: About the security content of iOS 10.2 Product: iOS Version: 10.2 CVE: CVE-2016-4695 Component: JavaScriptCore Impact: A script executing in a JavaScript sandbox may be able to access state outside that sandbox Description: A validation issue existed in processing JavaScript. This issue was addressed through improved validation.