CVE-2017-13805
Description
In iOS before 11.1, Siri reveals private-content notifications on the lock screen, allowing physically proximate attackers to obtain sensitive information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
In iOS before 11.1, Siri reveals private-content notifications on the lock screen, allowing physically proximate attackers to obtain sensitive information.
Vulnerability
The Siri component in Apple iOS before version 11.1 allows notifications with private content to be displayed in response to Siri requests when the device is locked. This bypasses intended lock-screen restrictions, exposing sensitive information. Affected versions are iOS prior to 11.1 [1].
Exploitation
A physically proximate attacker can make a Siri request on a locked device to trigger the display of private notifications. No authentication or special privileges are needed beyond physical access to the device.
Impact
An attacker can obtain sensitive information from private-content notifications that should only be visible when the device is unlocked. This constitutes an information disclosure vulnerability.
Mitigation
The issue is fixed in iOS 11.1, released on October 31, 2017 [1]. Users should update to iOS 11.1 or later.
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: < 11.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.securitytracker.com/id/1039703nvdThird Party AdvisoryVDB Entry
- support.apple.com/HT208222nvdVendor Advisory
News mentions
0No linked articles in our index yet.