CVE-2023-40418

An authentication issue was addressed with improved state management. This issue is fixed in watchOS 10. An Apple Watch Ultra may not lock when using the Depth app.
References
Link Resource
http://seclists.org/fulldisclosure/2023/Oct/9 Mailing List Third Party Advisory
https://support.apple.com/en-us/HT213937 Release Notes Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:apple:watch_ultra:-:*:*:*:*:*:*:*
cpe:2.3:h:apple:watch_ultra_2:-:*:*:*:*:*:*:*

History

12 Oct 2023, 02:16

Type Values Removed Values Added
References (MISC) http://seclists.org/fulldisclosure/2023/Oct/9 - (MISC) http://seclists.org/fulldisclosure/2023/Oct/9 - Mailing List, Third Party Advisory

03 Oct 2023, 06:15

Type Values Removed Values Added
References
  • (MISC) http://seclists.org/fulldisclosure/2023/Oct/9 -

28 Sep 2023, 17:38

Type Values Removed Values Added
First Time Apple watchos
Apple watch Ultra
Apple
Apple watch Ultra 2
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CPE cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:h:apple:watch_ultra:-:*:*:*:*:*:*:*
cpe:2.3:h:apple:watch_ultra_2:-:*:*:*:*:*:*:*
CWE NVD-CWE-noinfo
References (MISC) https://support.apple.com/en-us/HT213937 - (MISC) https://support.apple.com/en-us/HT213937 - Release Notes, Vendor Advisory

27 Sep 2023, 15:41

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-27 15:19

Updated : 2024-02-28 20:33


NVD link : CVE-2023-40418

Mitre link : CVE-2023-40418

CVE.ORG link : CVE-2023-40418


JSON object : View

Products Affected

apple

  • watchos
  • watch_ultra_2
  • watch_ultra