This vulnerability allows an attacker with physical access to a locked iPhone or iPad to view sensitive user information stored in system logging. This is a serious issue as it can be used for unauthorized access to personal data.
This vulnerability allows an attacker with physical access to a locked iPhone or iPad to view sensitive user information stored in system logging. This is a serious issue as it can be used for unauthorized access to personal data.
iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later.
Check with: No automated detection in major tools (OSV, Nuclei, Sigma, Snort/Suricata, YARA, Semgrep). However, you can check the iOS version by going to Settings > General > About, then tapping on "Storage & iCloud Usage" and looking for the "Version" number.
Upgrade to iOS 18.7.2 or later: https://support.apple.com/en-us/125633 (Note: This is a recommended update)
- Immediate mitigations:
- Restrict network access to your device (firewall it from the public internet)
- Audit admin account activity for suspicious access patterns
- Monitor for unauthorized token creation