CVE-2018-4178Incorrect Permission Assignment in Apple Macos High Sierra 10.13.6 Security Update 2018-004 Sierra Security Update 2018-0

CWE-732Incorrect Permission Assignment3 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 75.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple Macos High Sierra 10.13.6 Security Update 2018-004 Sierra Security Update 2018-0
Timeline
PublishedApr 3
Latest updateMay 13

Description

A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation. This issue affected versions prior to macOS High Sierra 10.13.4.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDapple/mac_os_x< 10.13.4

🔴Vulnerability Details

1
GHSA
GHSA-q9fh-78j6-qr84: A permissions issue existed in which execute permission was incorrectly granted2022-05-13

📋Vendor Advisories

1
Apple
CVE-2018-4178: macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan2018-07-09