CVE-2023-40418

CVE Database · CVE-2023-40418

CVE-2023-40418

· MEDIUMModified

CVSS v3.1

5.5

EPSS

0.32%

Published

Sep 27, 2023

Modified

Nov 4, 2025

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An authentication issue was addressed with improved state management. This issue is fixed in watchOS 10. An Apple Watch Ultra may not lock when using the Depth app.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected Products (3)

apple · watchos (up to 10.0)vulnerable

apple · watch_ultra

apple · watch_ultra_2

References (5)

http://seclists.org/fulldisclosure/2023/Oct/9

Mailing ListThird Party Advisory

https://support.apple.com/en-us/HT213937

Release NotesVendor Advisory

http://seclists.org/fulldisclosure/2023/Oct/9

Mailing ListThird Party Advisory

https://support.apple.com/en-us/HT213937

Release NotesVendor Advisory

https://support.apple.com/kb/HT213937

KEV Catalog EPSS Scores Vendors All CVEs