Information disclosure in Apple iOS and iPadOS
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2021-30918 |
| CWE-ID | CWE-371 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Apple iOS Operating systems & Components / Operating system iPadOS Operating systems & Components / Operating system |
| Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) State Issues
EUVDB-ID: #VU57746
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-30918
CWE-ID:
CWE-371 - State Issues
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists in the Status Bar component. A local attacker can view restricted content from the lockscreen.
MitigationInstall updates from vendor's website.
Vulnerable software versionsApple iOS: 15.0 19A346
iPadOS: 15.0 19A346
CPE2.3 External linkshttps://support.apple.com/en-us/HT212866
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
