Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2018-4206Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple TV

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer9 documents5 sources
Severity
7.8HIGHNVD
EPSS
7.6%
top 8.09%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
4
Apple TVApple Iphone OSApple MAC OS X+1 more
Timeline
PublishedJun 8
Latest updateMay 14

Description

An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Crash Reporter" component. It allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app that replaces a privileged port name.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

NVDapple/watchos< 4.3.1
NVDapple/mac_os_x< 10.13.4
NVDapple/apple_tv< 11.4
NVDapple/iphone_os< 11.3.1

🔴Vulnerability Details

2
GHSA
GHSA-c95p-mvpw-c6w9: An issue was discovered in certain Apple products2022-05-14
CVEList
CVE-2018-4206: An issue was discovered in certain Apple products2018-06-08

💥Exploits & PoCs

2
Exploit-DB
iOS/macOS - 'task_swap_mach_voucher()' Use-After-Free2019-01-25
Exploit-DB
Apple macOS/iOS - ReportCrash mach port Replacement due to Failure to Respect MIG Ownership Rules2018-04-30

📋Vendor Advisories

4
Apple
CVE-2018-4206: tvOS 11.42018-05-29
Apple
CVE-2018-4206: watchOS 4.3.12018-05-29
Apple
CVE-2018-4206: iOS 11.3.12018-04-24
Apple
CVE-2018-4206: Security Update 2018-0012018-04-24
CVE-2018-4206 — Apple TV vulnerability | cvebase