{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-40839","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","state":"PUBLISHED","assignerShortName":"apple","dateReserved":"2024-07-10T17:11:04.706Z","datePublished":"2025-01-15T19:35:59.036Z","dateUpdated":"2026-04-02T18:21:14.373Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"An attacker with physical access to an iOS device may be able to view notification contents from the Lock Screen"}]}],"affected":[{"vendor":"Apple","product":"iOS and iPadOS","versions":[{"version":"0","status":"affected","lessThan":"17.5","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to an iOS device may be able to view notification contents from the Lock Screen."}],"references":[{"url":"https://support.apple.com/en-us/120905"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2026-04-02T18:21:14.373Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-862","lang":"en","description":"CWE-862 Missing Authorization"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":2.4,"attackVector":"PHYSICAL","baseSeverity":"LOW","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"LOW"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-01-16T16:58:01.627374Z","id":"CVE-2024-40839","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-01-16T17:00:13.595Z"}}]}}