CVE-2024-40822 is a vulnerability identified in Apple’s iOS and iPadOS platforms that allows an attacker with physical access to a device to access the contacts list from the lock screen without authentication or user interaction. This issue stems from insufficient restrictions on the options presented on a locked device, which inadvertently expose contact information. The vulnerability affects multiple Apple operating systems, including iOS, iPadOS, watchOS, and macOS, with patches released in iOS 17.6, iPadOS 17.6, iOS 16.7.9, iPadOS 16.7.9, watchOS 10.6, and macOS Sonoma 14.6. The CVSS v3.1 base score is 2.4, reflecting low impact primarily on confidentiality, with no effect on integrity or availability. The attack vector requires physical access (AV:P), no privileges (PR:N), and no user interaction (UI:N). The vulnerability is classified under CWE-284 (Improper Access Control). No known exploits have been reported in the wild, indicating limited active threat. The fix involves restricting the options available on the lock screen to prevent unauthorized contact access. This vulnerability highlights the importance of robust lock screen security controls to protect sensitive user data even when devices are locked.

For European organizations, the primary impact of CVE-2024-40822 is the potential unauthorized disclosure of contact information from locked Apple devices. This could lead to privacy violations, social engineering, or targeted phishing attacks if contact details are exposed to malicious actors with physical access. While the vulnerability does not compromise device integrity or availability, the confidentiality breach could affect employees, clients, or partners whose contact data is stored on these devices. Organizations with a mobile workforce relying on Apple devices are at higher risk, especially if physical device security is lax. The impact is more pronounced in sectors handling sensitive or regulated data, such as finance, healthcare, and government. However, the low CVSS score and absence of known exploits suggest a limited immediate threat, but timely patching is essential to mitigate potential risks.

1. Promptly update all affected Apple devices to the fixed OS versions: iOS 17.6, iPadOS 17.6, iOS 16.7.9, iPadOS 16.7.9, watchOS 10.6, and macOS Sonoma 14.6. 2. Enforce strict physical security policies to prevent unauthorized access to devices, including secure storage and use of device locks. 3. Educate employees on the importance of device security and the risks of leaving devices unattended. 4. Review and configure lock screen settings to minimize data exposure, disabling features that allow access to contacts or other sensitive information without authentication. 5. Implement Mobile Device Management (MDM) solutions to enforce security policies and ensure devices remain updated. 6. Monitor for unusual access patterns or physical access incidents to devices, especially in high-risk environments. 7. Conduct regular security audits and penetration tests focusing on physical security and device access controls.