cvedb.io
CVE-2018-4172
MEDIUM · CVSS 4.6
EPSS exploitation probability: 0%
Published 2018-04-03T06:29:07.967 · Last modified 2026-06-17T01:58:29.797

Summary

An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Find My iPhone" component. It allows physically proximate attackers to bypass the iCloud password requirement for disabling the "Find My iPhone" feature via vectors involving a backup restore.

Affected products

apple — iphone_os

Does this affect you?

Add your gear to cvedb and we'll alert you only when apple ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.