The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An attacker with physical access may be able to use Siri to access sensitive user data.

Related CVEs

CVE-2023-42897

Key Information

GHSA ID

GHSA-264w-p3vv-mx7p

Published

December 12, 2023 3:31 AM

Last Modified

December 13, 2023 9:30 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 27, 2025 6:35 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.