Vulnerability Database

313,825

Total vulnerabilities in the database

CVE-2018-4237

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "libxpc" component. It allows attackers to gain privileges via a crafted app that leverages a logic error.

Published: Jun 8, 2018
Updated: Nov 9, 2025
CVE: CVE-2018-4237
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
apple / mac_os_x	-	10.13.5
apple / iphone_os	-	11.4
apple / watchos	-	4.3.1
apple / tvos	-	11.4

http://www.securitytracker.com/id/1041027
https://support.apple.com/HT208848
https://support.apple.com/HT208849
https://support.apple.com/HT208850
https://support.apple.com/HT208851
https://www.exploit-db.com/exploits/45916/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo