This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker with physical access may be able to access contact photos from the lock screen.

Related CVEs

CVE-2024-40851

Key Information

GHSA ID

GHSA-xf6c-qw6x-qr69

Published

October 28, 2024 9:30 PM

Last Modified

October 29, 2024 6:30 PM

CVSS Score

2.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 15, 2025 6:32 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.