CVE-2023-40418

An authentication issue was addressed with improved state management. This issue is fixed in watchOS 10. An Apple Watch Ultra may not lock when using the Depth app.
References
Link Resource
http://seclists.org/fulldisclosure/2023/Oct/9 Mailing List Third Party Advisory
https://support.apple.com/en-us/HT213937 Release Notes Vendor Advisory
http://seclists.org/fulldisclosure/2023/Oct/9 Mailing List Third Party Advisory
https://support.apple.com/en-us/HT213937 Release Notes Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:apple:watch_ultra:-:*:*:*:*:*:*:*
cpe:2.3:h:apple:watch_ultra_2:-:*:*:*:*:*:*:*

History

21 Nov 2024, 08:19

Type Values Removed Values Added
References () http://seclists.org/fulldisclosure/2023/Oct/9 - Mailing List, Third Party Advisory () http://seclists.org/fulldisclosure/2023/Oct/9 - Mailing List, Third Party Advisory
References () https://support.apple.com/en-us/HT213937 - Release Notes, Vendor Advisory () https://support.apple.com/en-us/HT213937 - Release Notes, Vendor Advisory

12 Oct 2023, 02:16

Type Values Removed Values Added
References (MISC) http://seclists.org/fulldisclosure/2023/Oct/9 - (MISC) http://seclists.org/fulldisclosure/2023/Oct/9 - Mailing List, Third Party Advisory

03 Oct 2023, 06:15

Type Values Removed Values Added
References
  • (MISC) http://seclists.org/fulldisclosure/2023/Oct/9 -

28 Sep 2023, 17:38

Type Values Removed Values Added
References (MISC) https://support.apple.com/en-us/HT213937 - (MISC) https://support.apple.com/en-us/HT213937 - Release Notes, Vendor Advisory
First Time Apple watchos
Apple watch Ultra
Apple
Apple watch Ultra 2
CWE NVD-CWE-noinfo
CPE cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:h:apple:watch_ultra:-:*:*:*:*:*:*:*
cpe:2.3:h:apple:watch_ultra_2:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5

27 Sep 2023, 15:41

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-27 15:19

Updated : 2024-11-21 08:19


NVD link : CVE-2023-40418

Mitre link : CVE-2023-40418

CVE.ORG link : CVE-2023-40418


JSON object : View

Products Affected

apple

  • watch_ultra
  • watch_ultra_2
  • watchos