VYPR
Unrated severity · NVD Advisory · Published Sep 16, 2024 · Updated Apr 2, 2026

CVE-2024-40840

Description

An attacker with physical access to an unlocked device can use Siri to bypass lockscreen restrictions and access sensitive user data on iOS and iPadOS.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

CVE-2024-40840 is a vulnerability in iOS and iPadOS that allows Siri to access sensitive user data when the device is locked. The issue was addressed through improved state management. Versions of iOS and iPadOS prior to 18 are affected; the issue is fixed in iOS 18 and iPadOS 18 [1]. The vulnerability is present on iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later [1].

Exploitation

An attacker with physical access to the device can exploit this vulnerability by using Siri commands that bypass the lock screen. No authentication is required beyond having the device in a state where Siri is accessible from the lock screen [1]. The exact sequence of steps is not detailed in the available references, but the core requirement is physical possession of an unlocked or partially accessible device.

Impact

Successful exploitation allows the attacker to access sensitive user data through Siri, without needing to unlock the device. This could include personal information, messages, contacts, or other data that Siri can retrieve. The compromise occurs at the user's privilege level, as Siri operates within the user's session [1].

Mitigation

The vulnerability is fixed in iOS 18 and iPadOS 18, released on September 16, 2024 [1]. Users should update their devices to the latest OS version. No workarounds are listed in the available references [1].

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

References

1
