Multiple vulnerabilities in Apple watchOS

Published: 2018-07-11 16:09:08 | Updated: 2018-07-11 16:35:19
Severity High
Patch available YES
Number of vulnerabilities 14
CVE ID CVE-2018-4293
CVE-2018-4290
CVE-2018-4282
CVE-2018-4280
CVE-2018-4248
CVE-2018-4277
CVE-2018-4270
CVE-2018-4284
CVE-2018-4266
CVE-2018-4262
CVE-2018-4264
CVE-2018-4272
CVE-2018-4271
CVE-2018-4273
CVSSv3 4.6 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
5.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
2.9 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
2.9 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
3.8 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
5.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
5.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
5.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
5.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
5.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CWE ID CWE-264
CWE-119
CWE-125
CWE-451
CWE-362
Exploitation vector Network
Public exploit Not available
Vulnerable software watchOS
Vulnerable software versions watchOS 4.3.1
Vendor URL Apple Inc.

Security Advisory

1) Security restrictions bypass

Description

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to an error in cookie management. A local attacker can run a specially crafted application and cause cookies unexpectedly persist in Safari.

Remediation

Update to version 4.3.2.

External links

https://support.apple.com/en-us/HT208935

2) Memory corruption

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when processing an emoji under certain configurations. A remote attacker can trick the victim into opening a specially crafted input, trigger memory corruption and cause the service to crash.

Remediation

Update to version 4.3.2.

External links

https://support.apple.com/en-us/HT208935

3) Out-of-bounds read

Description

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to improper input validation. A local attacker can run a specially crafted application, trigger out-of-bounds read and read kernel memory.

Remediation

Update to version 4.3.2.

External links

https://support.apple.com/en-us/HT208935

4) Memory corruption

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to boundary error when processing malicious application. A local attacker can use a specially crafted application, trigger memory corruption and gain elevated privileges.

Remediation

Update to version 4.3.2.

External links

https://support.apple.com/en-us/HT208935

5) Out-of-bounds read

Description

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to insufficient validation of user-supplied input. A local attacker can run a specially crafted application, trigger out-of-bounds read and read restricted memory.

Remediation

Update to version 4.3.2.

External links

https://support.apple.com/en-us/HT208935

6) Spoofing attack

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to a spoofing issue in the handling of URLs. A remote attacker can trick the victim into loading a specially crafted web content and spoof the address bar.

Remediation

Update to version 4.3.2.

External links

https://support.apple.com/en-us/HT208935

7) Memory corruption

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

Remediation

Update to version 4.3.2.

External links

https://support.apple.com/en-us/HT208935

8) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 4.3.2.

External links

https://support.apple.com/en-us/HT208935

9) Race condition

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to race condition when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and cause the service to crash.

Remediation

Update to version 4.3.2.

External links

https://support.apple.com/en-us/HT208935

10) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 4.3.2.

External links

https://support.apple.com/en-us/HT208935

11) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 4.3.2.

External links

https://support.apple.com/en-us/HT208935

12) Memory corruption

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

Remediation

Update to version 4.3.2.

External links

https://support.apple.com/en-us/HT208935

13) Memory corruption

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

Remediation

Update to version 4.3.2.

External links

https://support.apple.com/en-us/HT208935

14) Memory corruption

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

Remediation

Update to version 4.3.2.

External links

https://support.apple.com/en-us/HT208935

Back to List