Information disclosure in Apple iOS and iPadOS - CVE-2021-30875
Published: October 27, 2021
Vulnerability identifier: #VU57750
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-30875
CWE-ID: CWE-200
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Apple Inc.
Affected software:
Apple iOS
iPadOS
Apple iOS
iPadOS
Detailed vulnerability description
The vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists in Siri. An attacker with physical access to device can view contacts from the lock screen.
How to mitigate CVE-2021-30875
Install updates from vendor's website.