CVE-2018-4182Execution with Unnecessary Privileges in Apple Macos High Sierra 10.13.5 Security Update 2018-003 Sierra Security Update 2018-0

CWE-250Execution with Unnecessary Privileges7 documents6 sources
Severity
8.2HIGHNVD
EPSS
0.1%
top 64.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Apple MAC OS XApple Macos High Sierra 10.13.5 Security Update 2018-003 Sierra Security Update 2018-0Debian Cups
Timeline
PublishedJan 11
Latest updateMay 13

Description

In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 1.5 | Impact: 6.0

Affected Packages3 packages

NVDapple/mac_os_x< 10.13.5
debiandebian/cups

🔴Vulnerability Details

1
GHSA
GHSA-77qc-wcq2-m5v2: In macOS High Sierra before 102022-05-13

📋Vendor Advisories

3
Apple
CVE-2018-4182: macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan2018-06-01
Red Hat
cups: Sandbox bypass due to insecure error handling2018-05-09
Debian
CVE-2018-4182: cups - In macOS High Sierra before 10.13.5, an access issue was addressed with addition...2018

💬Community

2
Bugzilla
CVE-2018-4180 CVE-2018-4181 CVE-2018-4182 CVE-2018-4183 cups: various flaws [fedora-all]2018-07-23
Bugzilla
CVE-2018-4182 cups: Sandbox bypass due to insecure error handling2018-07-23