Multiple vulnerabilities in Apple iOS
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 36 |
| CVE-ID | CVE-2018-4215 CVE-2018-4100 CVE-2018-4211 CVE-2018-4202 CVE-2018-4241 CVE-2018-4243 CVE-2018-4249 CVE-2018-4237 CVE-2018-4239 CVE-2018-4227 CVE-2018-4235 CVE-2018-4240 CVE-2018-4250 CVE-2018-4247 CVE-2018-4221 CVE-2018-4223 CVE-2018-4224 CVE-2018-4225 CVE-2018-4226 CVE-2018-4238 CVE-2018-4252 CVE-2018-4244 CVE-2018-4198 CVE-2018-4188 CVE-2018-4201 CVE-2018-4218 CVE-2018-4233 CVE-2018-4199 CVE-2018-4232 CVE-2018-4192 CVE-2018-4214 CVE-2018-4204 CVE-2018-4246 CVE-2018-4190 CVE-2018-4222 CVE-2018-5383 |
| CWE-ID | CWE-120 CWE-400 CWE-119 CWE-451 CWE-20 CWE-264 CWE-200 CWE-300 CWE-362 CWE-843 CWE-125 |
| Exploitation vector | Network |
| Public exploit |
Vulnerability #6 is being exploited in the wild. Public exploit code for vulnerability #8 is available. Public exploit code for vulnerability #12 is available. Public exploit code for vulnerability #27 is available. |
| Vulnerable software Subscribe |
Apple iOS Operating systems & Components / Operating system |
| Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains information about 36 vulnerabilities.
1) Privilege escalation
EUVDB-ID: #VU13127
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4215
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The vulnerability exists due to buffer overflow in the Bluetooth component. A local attacker can run a specially crafted application, trigger memory corruption and gain elevated privileges.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Resource exhaustion
EUVDB-ID: #VU10212
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4100
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to input validation flaw in the LinkPresentation component. A remote attacker can send a specially crafted text message, consume all available resources and cause the application to crash.
Update to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Memory corruption
EUVDB-ID: #VU13147
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4211
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error in the FontParser component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Spoofing attack
EUVDB-ID: #VU13161
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4202
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.
The vulnerability exists due to input validation flaw in the iBooks component. A remote attacker can supply specially crafted content and spoof password prompts.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Buffer overflow
EUVDB-ID: #VU13152
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4241
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The vulnerability exists due to buffer overflow in the the kernel component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Buffer overflow
EUVDB-ID: #VU13153
Risk: Low
CVSSv3.1: 8.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2018-4243
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: Yes
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The vulnerability exists due to buffer overflow in the the kernel component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
7) Improper input validation
EUVDB-ID: #VU13158
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4249
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.
The vulnerability exists due to an unspecified validation flaw in the kernel component. A remote attacker can supply specially crafted content and cause the service to crash.
Update to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Privilege escalation
EUVDB-ID: #VU13157
Risk: Low
CVSSv3.1: 7.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C]
CVE-ID: CVE-2018-4237
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The vulnerability exists due to a logic error in the libxpc component. A local attacker can run a specially crafted application and gain elevated privileges.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
9) Security restrictions bypass
EUVDB-ID: #VU13129
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4239
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a physically local attacker to bypass security restrictions on the target system.
The vulnerability exists due to a permissions error in the Magnifier component. A physically local attacker can bypass security restrictions and view the last image used in Magnifier.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Information disclosure
EUVDB-ID: #VU13175
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4227
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The vulnerability exists due to a flaw in the Mail component in the processing of S/MIME-encrypted email. A remote attacker can obtain contents on the email.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Improper input validation
EUVDB-ID: #VU13164
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4235
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to bypass security restrictions on the target system.
The vulnerability exists due to input validation flaw in the Messages component. A local attacker can supply specially crafted content, bypass security restrictions and conduct impersonation attacks.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Improper input validation
EUVDB-ID: #VU13159
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-4240
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted message and cause the service to crash.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
13) Improper input validation
EUVDB-ID: #VU13132
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4250
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to a validation flaw in the Messages component. A remote attacker can send a specially crafted message and cause the service to crash.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Improper input validation
EUVDB-ID: #VU13140
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4247
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to improper validation of user-supplied input. A remote unauthenticated attacker can trick the victim into visiting a specially crafted website and cause the service to crash.
Update to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Man-in-the-middle attack
EUVDB-ID: #VU13172
Risk: Low
CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4221
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to conduct man-in-the-middle attack on the target system.
The vulnerability exists due to a flaw in the Security component in the handling of S-MIME client certificates. A remote attacker can conduct man-in-the-middle attack, intercept of the communication channel between the affected app and track the target user.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Information disclosure
EUVDB-ID: #VU13169
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4223
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information on the target system.
The vulnerability exists due to a state management error in the Security component. A local attacker can read a persistent account identifier.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Information disclosure
EUVDB-ID: #VU13170
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4224
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information on the target system.
The vulnerability exists due to a state management error in the Security component. A local attacker can read a persistent account identifier.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Security restrictions bypass
EUVDB-ID: #VU13173
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4225
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to bypass security restrictions on the target system.
The vulnerability exists due to a state management error in the Security component. A local attacker can bypass security restrictions and modify the state of the Keychain.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208849
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Information disclosure
EUVDB-ID: #VU13174
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4226
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information on the target system.
The vulnerability exists due to a state management error in the Security component. A local attacker can view sensitive user information.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Security restrictions bypass
EUVDB-ID: #VU13128
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4238
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a physically local attacker to bypass security restrictions on the target system.
The vulnerability exists due to a permissions error in the Siri component. A physically local attacker can bypass security restrictions and enable Siri from the lock screen.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Security restrictions bypass
EUVDB-ID: #VU13131
Risk: Low
CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4252
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a physically local attacker to obtain potentially sensitive information on the target system.
The vulnerability exists due to a permissions error in the Siri component. A physically local attacker can bypass security restrictions and read notifications of content that is set to be not displayed at the lock screen.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Security restrictions bypass
EUVDB-ID: #VU13130
Risk: Low
CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4244
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a physically local attacker to obtain potentially sensitive information on the target system.
The vulnerability exists due to a permissions error in the Siri Contacts component. A physically local attacker can bypass security restrictions and view private contact information.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Improper input validation
EUVDB-ID: #VU13160
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4198
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to a flaw in the UIKit component. A remote attacker can trick the victim into loading specially crafted text file and cause the service to crash.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Spoofing attack
EUVDB-ID: #VU13142
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4188
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to conduct spoofing attack on the target system.
The vulnerability exists due to a flaw in the WebKit component. A remote unauthenticated attacker can trick the victim into visiting a specially crafted website and spoof the address bar.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Memory corruption
EUVDB-ID: #VU13136
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4201
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger a memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Memory corruption
EUVDB-ID: #VU13137
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4218
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger a memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Memory corruption
EUVDB-ID: #VU13138
Risk: High
CVSSv3.1: 8.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C]
CVE-ID: CVE-2018-4233
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger a memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
28) Buffer overflow
EUVDB-ID: #VU13139
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4199
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to buffer overflow in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger a memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Improper input validation
EUVDB-ID: #VU13143
Risk: Low
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4232
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions on the target system.
The vulnerability exists due to insufficient validation of user-supplied input. A remote unauthenticated attacker can trick the victim into visiting a specially crafted website, bypass security restrictions and cause cookies to be overwritten.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Race condition
EUVDB-ID: #VU13134
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4192
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to race condition in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into visiting a specially crafted website and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Memory corruption
EUVDB-ID: #VU13135
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4214
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger a memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Memory corruption
EUVDB-ID: #VU12146
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4204
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component when handling malicious input. A remote attacker can trick the victim into loading a specially crafted web content, trigger memory corruption and execute arbitrary code with elevated privileges.
Update to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Type confusion
EUVDB-ID: #VU13133
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4246
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to type confusion in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Information disclosure
EUVDB-ID: #VU13144
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4190
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The vulnerability exists due to a flaw in the WebKit component. A remote unauthenticated attacker can trick the victim into loading specially crafted CSS mask images and gain access to the target user's credentials.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Out-of-bounds read
EUVDB-ID: #VU13145
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4222
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to out-of-bounds read error in WebKit. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger memory corruption and cause the service to crash.
Update to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Man-in-the-middle attack
EUVDB-ID: #VU13985
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-5383
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
Description
The vulnerability allows an adjacent attacker to conduct man-in-the-middle attack on the target system.
The weakness exists in the Bluetooth Low Energy (BLE) implementation of Secure Connections mode insufficient validation of elliptic curve parameters that are used to generate public keys during a Diffie-Hellman key exchange when the affected software performs device pairing operations. An adjacent attacker can intercept the public key exchange between the two targeted systems, inject a malicious public key to aid in determining the session key, access sensitive information or forge and modify messages, which could be used to inject malicious software on the targeted system.
MitigationUpdate to version 11.4.
Vulnerable software versionsApple iOS: 11.3 - 11.3.1
External linkshttp://support.apple.com/en-us/HT208848
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
