An app could impersonate system notifications. Sensitive notifications now require restricted entitlements. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.3. An app may be able to cause a denial-of-service.
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ipados | Apple | * | 17.7.3 (excluding) |
Ipados | Apple | 18.0 (including) | 18.3 (excluding) |
Iphone_os | Apple | * | 18.3 (including) |