CVE-2018-4435
published 2019-04-03CVE-2018-4435: A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
PriorityP344high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EXPLOIT
EPSS
3.09%
86.1th percentile
A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | iphone_os | < 12.1.1 | 12.1.1 |
| apple | mac_os_x | < 10.14.2 | 10.14.2 |
| apple | macos_mojave_10.14.2_security_update_2018-003_high_sierra_security_update_2018-0 | — | — |
| apple | tvos | < 12.1.1 | 12.1.1 |
| apple | tvos | — | — |
| apple | watchos | < 5.1.2 | 5.1.2 |
| apple | watchos | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Apple
CVE-2018-4435: watchOS 5.1.2
vendor_apple·2018-12-06·CVSS 7.8
CVE-2018-4435 [HIGH] CVE-2018-4435: watchOS 5.1.2
Apple Security Update: About the security content of watchOS 5.1.2
Product: watchOS
Version: 5.1.2
CVE: CVE-2018-4435
Component: Kernel
Impact: A malicious application may be able to elevate privileges
Description: A logic issue was addressed with improved restrictions.
Apple
CVE-2018-4435: tvOS 12.1.1
vendor_apple·2018-12-05·CVSS 7.8
CVE-2018-4435 [HIGH] CVE-2018-4435: tvOS 12.1.1
Apple Security Update: About the security content of tvOS 12.1.1
Product: tvOS
Version: 12.1.1
CVE: CVE-2018-4435
Component: Kernel
Impact: A malicious application may be able to elevate privileges
Description: A logic issue was addressed with improved restrictions.
Apple
CVE-2018-4435: iOS 12.1.1
vendor_apple·2018-12-05·CVSS 7.8
CVE-2018-4435 [HIGH] CVE-2018-4435: iOS 12.1.1
Apple Security Update: About the security content of iOS 12.1.1
Product: iOS
Version: 12.1.1
CVE: CVE-2018-4435
Component: Kernel
Impact: A malicious application may be able to elevate privileges
Description: A logic issue was addressed with improved restrictions.
Apple
CVE-2018-4435: macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra
vendor_apple·2018-12-05·CVSS 7.8
CVE-2018-4435 [HIGH] CVE-2018-4435: macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra
Apple Security Update: About the security content of macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra
Product: macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra
CVE: CVE-2018-4435
Component: Kernel
Impact: A malicious application may be able to elevate privileges
Description: A logic issue was addressed with improved restrictions.
GHSA
GHSA-h3f4-jpc6-qvxf: A logic issue was addressed with improved restrictions
ghsa_unreviewed·2022-05-14
CVE-2018-4435 [HIGH] CWE-20 GHSA-h3f4-jpc6-qvxf: A logic issue was addressed with improved restrictions
A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
No detection rules found.
No writeups or analysis indexed.
2019-04-03
Published