Apple Watchos 5 vulnerabilities

CVE-2018-4332 [CRITICAL] CVE-2018-4332: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4332 Component: Heimdal Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4331 [CRITICAL] CVE-2018-4331: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4331 Component: Heimdal Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4426 [HIGH] CVE-2018-4426: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4426 Component: Grand Central Dispatch Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4337 [HIGH] CVE-2018-4337: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4337 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4341 [HIGH] CVE-2018-4341: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4341 Component: IOKit Impact: A malicious application may be able to break out of its sandbox Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4126 [HIGH] CVE-2018-4126: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4126 Component: CFNetwork Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4425 [HIGH] CVE-2018-4425: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4425 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4474 [HIGH] CVE-2018-4474: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4474 Component: WebKit Impact: Unexpected interaction causes an ASSERT failure Description: A memory consumption issue was addressed with improved memory handling.

CVE-2018-4311 [HIGH] CVE-2018-4311: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4311 Component: WebKit Impact: Cross-origin SecurityErrors includes the accessed frame’s origin Description: The issue was addressed by removing origin information.

CVE-2018-4359 [HIGH] CVE-2018-4359: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4359 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2018-4299 [HIGH] CVE-2018-4299: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4299 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2018-4340 [HIGH] CVE-2018-4340: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4340 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2016-1777 [HIGH] CVE-2016-1777: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2016-1777 Component: Security Impact: An attacker may be able to exploit weaknesses in the RC4 cryptographic algorithm Description: This issue was addressed by removing RC4.

CVE-2018-4383 [HIGH] CVE-2018-4383: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4383 Component: IOKit Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management.

CVE-2018-4361 [HIGH] CVE-2018-4361: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4361 Component: WebKit Impact: Unexpected interaction causes an ASSERT failure Description: A memory consumption issue was addressed with improved memory handling.

CVE-2018-4358 [HIGH] CVE-2018-4358: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4358 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2018-4407 [HIGH] CVE-2018-4407: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4407 Component: Kernel Impact: An attacker in a privileged network position may be able to execute arbitrary code Description: A memory corruption issue was addressed with improved validation.

CVE-2018-4203 [HIGH] CVE-2018-4203: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4203 Component: Symptom Framework Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2018-4343 [HIGH] CVE-2018-4343: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4343 Component: Heimdal Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4344 [HIGH] CVE-2018-4344: watchOS 5 Apple Security Update: About the security content of watchOS 5 Product: watchOS 5 CVE: CVE-2018-4344 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.