Information disclosure in Apple iOS and iPadOS - CVE-2021-30875
Published: October 27, 2021
Vulnerability identifier: #VU57750
CSH Severity: Low
CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-30875
CWE-ID: CWE-200
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Apple iOS
iPadOS
Apple iOS
iPadOS
Software vendor:
Apple Inc.
Apple Inc.
Description
The vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists in Siri. An attacker with physical access to device can view contacts from the lock screen.
Remediation
Install updates from vendor's website.