This issue was addressed with improved state management. This issue is fixed in iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to silently persist an Apple ID on an erased device.

Related CVEs

CVE-2023-42855

Key Information

GHSA ID

GHSA-8j5h-7226-33mj

Published

February 21, 2024 9:31 AM

Last Modified

November 1, 2024 9:31 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 13, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.