Multiple vulnerabilities in Apple MacOS
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 13 |
| CVE-ID | CVE-2018-4462 CVE-2018-4463 CVE-2018-4434 CVE-2018-4449 CVE-2018-4450 CVE-2018-4461 CVE-2018-4435 CVE-2018-4447 CVE-2018-4431 CVE-2018-4460 CVE-2018-4427 CVE-2018-4465 CVE-2018-4303 |
| CWE-ID | CWE-20 CWE-119 CWE-125 CWE-264 CWE-200 CWE-843 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #9 is available. |
| Vulnerable software Subscribe |
macOS Operating systems & Components / Operating system |
| Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains information about 13 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU16305
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4462
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information on the target system.
The weakness exists due to insufficient input validation in the AMD component. A local attacker can supply specially crafted files and read restricted memory.
MitigationUpdate to version 10.14.2.
Vulnerable software versionsmacOS: 10.12.6 16G29 - 10.14.1 18B75
External linkshttp://support.apple.com/en-us/HT209341
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Memory corruption
EUVDB-ID: #VU16306
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4463
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to boundary error in the Carbon Core component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 10.14.2.
Vulnerable software versionsmacOS: 10.14.1 18B75
External linkshttp://support.apple.com/en-us/HT209341
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Out-of-bounds read
EUVDB-ID: #VU16307
Risk: Low
CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4434
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information or cause DoS condition on the target system.
The weakness exists due to insufficient input validation in the Intel Graphics Driver component. A local attacker can supply specially crafted files, trigger out-of-bounds read condition and cause unexpected system termination or read kernel memory.
MitigationUpdate to version 10.14.2.
Vulnerable software versionsmacOS: 10.14.1 18B75
External linkshttp://support.apple.com/en-us/HT209341
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Memory corruption
EUVDB-ID: #VU16308
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4449
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to boundary error in the WindowServer component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 10.14.2.
Vulnerable software versionsmacOS: 10.12.6 16G29 - 10.14.1 18B75
External linkshttp://support.apple.com/en-us/HT209341
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Memory corruption
EUVDB-ID: #VU16309
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4450
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to boundary error in the WindowServer component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 10.14.2.
Vulnerable software versionsmacOS: 10.12.6 16G29 - 10.14.1 18B75
External linkshttp://support.apple.com/en-us/HT209341
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Memory corruption
EUVDB-ID: #VU16288
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4461
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to boundary error in the Kernel component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 10.14.2.
Vulnerable software versionsmacOS: 10.14.1 18B75
External linkshttp://support.apple.com/en-us/HT209341
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Privilege escalation
EUVDB-ID: #VU16293
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4435
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to a logic issue in the Kernel component. A local attacker can run a specially crafted application and gain elevated privileges.
MitigationUpdate to version 10.14.2.
Vulnerable software versionsmacOS: 10.12.6 16G29 - 10.14.1 18B75
External linkshttp://support.apple.com/en-us/HT209341
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Memory corruption
EUVDB-ID: #VU16287
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4447
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to boundary error in the Kernel component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 10.14.2.
Vulnerable software versionsmacOS: 10.12.6 16G29 - 10.14.1 18B75
External linkshttp://support.apple.com/en-us/HT209341
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Information disclosure
EUVDB-ID: #VU16292
Risk: Low
CVSSv3.1: 5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-4431
CWE-ID:
CWE-200 - Information exposure
Exploit availability: Yes
Description
The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.
The weakness exists due to a boundary error in the Kernel component. A local attacker can trigger memory corruption and read kernel memory.
MitigationUpdate to version 10.14.2.
Vulnerable software versionsmacOS: 10.13.6 17G66 - 10.14.1 18B75
External linkshttp://support.apple.com/en-us/HT209341
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
10) Denial of service
EUVDB-ID: #VU16291
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4460
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description
The vulnerability allows a local attacker to cause DoS condition on the target system.
The weakness exists due to an error in the Kernel component. A local attacker can conduct DoS attack and cause the device to crash.
MitigationUpdate to version 10.14.2.
Vulnerable software versionsmacOS: 10.14.1 18B75
External linkshttp://support.apple.com/en-us/HT209341
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Memory corruption
EUVDB-ID: #VU15644
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4427
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in IOHIDFamily component when handling malicious input. A remote attacker can trick the victim into processing a specially crafted input, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 10.14.2.
Vulnerable software versionsmacOS: 10.12.6 16G29 - 10.13.6 17G66
External linkshttp://support.apple.com/en-us/HT209341
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Memory corruption
EUVDB-ID: #VU16286
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4465
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to boundary error in the Disk Images component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 10.14.2.
Vulnerable software versionsmacOS: 10.12.6 16G29 - 10.14.1 18B75
External linkshttp://support.apple.com/en-us/HT209341
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Type confusion
EUVDB-ID: #VU16285
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4303
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to type confusion in the Airport component. A local attacker can run a specially crafted application, trigger memory corruption and gain elevated privileges.
MitigationUpdate to version 10.14.2.
Vulnerable software versionsmacOS: 10.14.1 18B75
External linkshttp://support.apple.com/en-us/HT209341
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
