Vulnerability: Bypassing iCloud Password Requirement in Find My iPhone Feature

Vulnerability: Bypassing iCloud Password Requirement in Find My iPhone Feature

CVE-2018-4172 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:N/A:P

An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Find My iPhone" component. It allows physically proximate attackers to bypass the iCloud password requirement for disabling the "Find My iPhone" feature via vectors involving a backup restore.

Learn more about our Cis Benchmark Audit For Apple Ios.