CVE-2017-13905Race Condition in Apple Macos

CWE-362Race Condition7 documents4 sources
Severity
8.1HIGHNVD
EPSS
0.6%
top 30.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Apple MacosApple TvosApple Watchos+2 more
Timeline
PublishedDec 23
Latest updateDec 24

Description

A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan, watchOS 4.2. An application may be able to gain elevated privileges.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages8 packages

CVEListV5apple/tvosunspecified11.2
NVDapple/tvos< 11.2
CVEListV5apple/macosunspecified10.13+1
NVDapple/macos< 10.13.2
CVEListV5apple/watchosunspecified4.2

🔴Vulnerability Details

2
GHSA
GHSA-rv5x-972c-94h5: A race condition was addressed with additional validation2021-12-24
CVEList
CVE-2017-13905: A race condition was addressed with additional validation2021-12-23

📋Vendor Advisories

4
Apple
CVE-2017-13905: macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan2017-12-06
Apple
CVE-2017-13905: watchOS 4.22017-12-05
Apple
CVE-2017-13905: tvOS 11.22017-12-04
Apple
CVE-2017-13905: iOS 11.22017-12-02
CVE-2017-13905 — Race Condition in Apple Macos | cvebase