CVE-2015-5923

iPhone OS < 9.0.1 - Unauthenticated Exposure of Sensitive Information via Lock Screen

Title source: llm
STIX 2.1

Description

Apple iOS before 9.0.2 does not properly restrict the options available on the lock screen, which allows physically proximate attackers to read contact data or view photos via unspecified vectors.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033687
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT205284
Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2015/Sep/msg00006.html

Scores

EPSS 0.0032
EPSS Percentile 24.2%

Details

CWE
CWE-200
Status published
Products (1)
apple/iphone_os < 9.0.1
Published Oct 09, 2015
Tracked Since Feb 18, 2026