Main Vulnerability Database Vulnerabilities #VU82409

State Issues in Apple iOS and iPadOS - CVE-2023-40408

Published: October 25, 2023

Vulnerability identifier: #VU82409

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-40408

CWE-ID: CWE-371

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Apple Inc.

Affected software:
Apple iOS
iPadOS

Detailed vulnerability description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to an inconsistent user interface issue in My Drafts feature, which can unexpectedly deactivate the Hide My Email option. A remote attacker can gain access to potentially sensitive information.

How to mitigate CVE-2023-40408

Install updates from vendor's website.

Sources

https://support.apple.com/en-us/HT213981

State Issues in Apple iOS and iPadOS - CVE-2023-40408

Detailed vulnerability description

How to mitigate CVE-2023-40408

Sources

Please verify you're human