Insecure Password Access via Physical Device Access

Insecure Password Access via Physical Device Access

CVE-2021-30948 · MEDIUM Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 15.2 and iPadOS 15.2. A person with physical access to an iOS device may be able to access stored passwords without authentication.

Learn more about our Cis Benchmark Audit For Apple Ios.