CVE-2018-4144

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Security" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app.

Published: Apr 3, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-4144
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
apple / iphone_os	-	11.3
apple / watchos	-	4.3
apple / mac_os_x	-	10.13.4
apple / tvos	-	11.3
apple / icloud	-	7.4
apple / itunes	-	12.7.4

http://www.securityfocus.com/bid/103582
http://www.securitytracker.com/id/1040604
http://www.securitytracker.com/id/1040608
https://support.apple.com/HT208692
https://support.apple.com/HT208693
https://support.apple.com/HT208694
https://support.apple.com/HT208696
https://support.apple.com/HT208697
https://support.apple.com/HT208698

Vulnerability Database

290,273

CVE-2018-4144