{"api_version":"1","generated_at":"2026-04-23T02:46:50+00:00","cve":"CVE-2023-41988","urls":{"html":"https://cve.report/CVE-2023-41988","api":"https://cve.report/api/cve/CVE-2023-41988.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-41988","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-41988"},"summary":{"title":"CVE-2023-41988","description":"This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.","state":"PUBLIC","assigner":"product-security@apple.com","published_at":"2023-10-25 19:15:00","updated_at":"2023-11-02 18:00:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://support.apple.com/kb/HT213984","name":"https://support.apple.com/kb/HT213984","refsource":"MISC","tags":[],"title":"About the security content of macOS Sonoma 14.1 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2023/Oct/19","name":"http://seclists.org/fulldisclosure/2023/Oct/19","refsource":"MISC","tags":[],"title":"Full Disclosure: APPLE-SA-10-25-2023-1 iOS 17.1 and iPadOS 17.1","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2023/Oct/25","name":"http://seclists.org/fulldisclosure/2023/Oct/25","refsource":"MISC","tags":[],"title":"Full Disclosure: APPLE-SA-10-25-2023-8 watchOS 10.1","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/en-us/HT213982","name":"https://support.apple.com/en-us/HT213982","refsource":"MISC","tags":[],"title":"About the security content of iOS 17.1 and iPadOS 17.1 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"429"},{"url":"https://support.apple.com/en-us/HT213984","name":"https://support.apple.com/en-us/HT213984","refsource":"MISC","tags":[],"title":"About the security content of macOS Sonoma 14.1 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"429"},{"url":"https://support.apple.com/en-us/HT213988","name":"https://support.apple.com/en-us/HT213988","refsource":"MISC","tags":[],"title":"About the security content of watchOS 10.1 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"429"},{"url":"https://support.apple.com/kb/HT213988","name":"https://support.apple.com/kb/HT213988","refsource":"MISC","tags":[],"title":"About the security content of watchOS 10.1 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2023/Oct/24","name":"http://seclists.org/fulldisclosure/2023/Oct/24","refsource":"MISC","tags":[],"title":"Full Disclosure: APPLE-SA-10-25-2023-4 macOS Sonoma 14.1","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/kb/HT213982","name":"https://support.apple.com/kb/HT213982","refsource":"MISC","tags":[],"title":"About the security content of iOS 17.1 and iPadOS 17.1 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-41988","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-41988","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"41988","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"ipados","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"41988","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"iphone_os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"41988","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"macos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"41988","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"watchos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-41988","qid":"378975","title":"Apple MacOS Sonoma 14.1 Not Installed (HT213984)"},{"cve":"CVE-2023-41988","qid":"610521","title":"Apple iOS 17.1 and iPadOS 17.1 Security Update Missing (HT213982)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-41988","ASSIGNER":"product-security@apple.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"An attacker with physical access may be able to use Siri to access sensitive user data"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Apple","product":{"product_data":[{"product_name":"macOS","version":{"version_data":[{"version_affected":"<","version_name":"unspecified","version_value":"14.1"}]}},{"product_name":"watchOS","version":{"version_data":[{"version_affected":"<","version_name":"unspecified","version_value":"10.1"}]}},{"product_name":"iOS and iPadOS","version":{"version_data":[{"version_affected":"<","version_name":"unspecified","version_value":"17.1"}]}}]}}]}},"references":{"reference_data":[{"url":"https://support.apple.com/en-us/HT213984","refsource":"MISC","name":"https://support.apple.com/en-us/HT213984"},{"url":"https://support.apple.com/en-us/HT213988","refsource":"MISC","name":"https://support.apple.com/en-us/HT213988"},{"url":"https://support.apple.com/en-us/HT213982","refsource":"MISC","name":"https://support.apple.com/en-us/HT213982"},{"url":"https://support.apple.com/kb/HT213982","refsource":"MISC","name":"https://support.apple.com/kb/HT213982"},{"url":"https://support.apple.com/kb/HT213984","refsource":"MISC","name":"https://support.apple.com/kb/HT213984"},{"url":"https://support.apple.com/kb/HT213988","refsource":"MISC","name":"https://support.apple.com/kb/HT213988"},{"url":"http://seclists.org/fulldisclosure/2023/Oct/19","refsource":"MISC","name":"http://seclists.org/fulldisclosure/2023/Oct/19"},{"url":"http://seclists.org/fulldisclosure/2023/Oct/24","refsource":"MISC","name":"http://seclists.org/fulldisclosure/2023/Oct/24"},{"url":"http://seclists.org/fulldisclosure/2023/Oct/25","refsource":"MISC","name":"http://seclists.org/fulldisclosure/2023/Oct/25"}]}},"nvd":{"publishedDate":"2023-10-25 19:15:00","lastModifiedDate":"2023-11-02 18:00:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":6.8,"baseSeverity":"MEDIUM"},"exploitabilityScore":0.9,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0","versionEndExcluding":"14.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0","versionEndExcluding":"17.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","versionEndExcluding":"10.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0","versionEndExcluding":"17.1","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}