CVE-2018-4387: Infoleak
VoiceOver. A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management.
Other sources
A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2018-4384
- CVE-2018-4339
- CVE-2018-4365
- CVE-2018-4398
- CVE-2018-4366
- CVE-2018-4367
- CVE-2018-4394
- CVE-2018-4427
- CVE-2018-4371
- CVE-2018-4420
- CVE-2018-4413
- CVE-2018-4419
- CVE-2018-4381
- CVE-2018-4390
- CVE-2018-4391
- CVE-2018-4369
- CVE-2018-4388
- CVE-2018-4374
- CVE-2018-4377
- CVE-2018-4400
- CVE-2018-4387
- CVE-2018-4385
- CVE-2018-4372
- CVE-2018-4373
- CVE-2018-4375
- CVE-2018-4376
- CVE-2018-4382
- CVE-2018-4386
- CVE-2018-4392
- CVE-2018-4416
- CVE-2018-4409
- CVE-2018-4378
- CVE-2018-4368
Frequently Asked Questions
How can an attacker leverage CVE-2018-4387?
An attacker can use this vulnerability to access photos on a locked device by exploiting a lock screen issue.
Which versions of iOS are affected by CVE-2018-4387?
Versions prior to iOS 12.1 are affected.
What is the severity rating for CVE-2018-4387?
The severity rating for CVE-2018-4387 is low, with a CVSS score of 2.4.
How was CVE-2018-4387 addressed?
CVE-2018-4387 was addressed with improved state management.
Where can I find more information about CVE-2018-4387?
More information about CVE-2018-4387 can be found on the Apple support website: https://support.apple.com/kb/HT209192