CVE-2022-22652
MEDIUMiPadOS < 15.4 - Missing Authentication for GSMA Panel on Lock Screen
Title source: llmDescription
The GSMA authentication panel could be presented on the lock screen. The issue was resolved by requiring device unlock to interact with the GSMA authentication panel. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access may be able to view and modify the carrier account information and settings from the lock screen.
References (1)
Core 1
Core References
Release Notes, Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213182
Scores
CVSS v3
6.1
EPSS
0.0030
EPSS Percentile
21.6%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Details
CWE
CWE-306
Status
published
Products (2)
apple/ipados
< 15.4
apple/iphone_os
< 15.4
Published
Mar 18, 2022
Tracked Since
Feb 18, 2026