9.3
CVSSv2

CVE-2018-4420

Published: 03/04/2019 Updated: 05/04/2019
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Apple macOS could allow a local malicious user to gain elevated privileges on the system, caused by a memory corruption error in the Kernel component. By using a specially-crafted application, an attacker could exploit this vulnerability to gain kernel privileges.

Vulnerability Trend

Affected Products

Vendor Product Versions
AppleIphone Os1.0.0, 1.0.1, 1.0.2, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.1.5, 2.0, 2.0.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.2, 2.2.1, 3.0, 3.0.1, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.2, 3.2.1, 3.2.2, 4.0, 4.0.1, 4.0.2, 4.1, 4.2.1, 4.2.5, 4.2.8, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.5, 5.0, 5.0.1, 5.1, 5.1.1, 6.0, 6.0.1, 6.0.2, 6.1, 6.1.2, 6.1.3, 6.1.4, 6.1.5, 6.1.6, 7.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.1, 7.1.1, 7.1.2, 8.0, 8.0.1, 8.0.2, 8.1, 8.1.2, 8.1.3, 8.2, 8.3, 8.4.1, 9.0, 9.0.1, 9.0.2, 9.1, 9.2, 9.2.1, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4, 9.3.5, 10.0, 10.0.1, 10.0.2, 10.0.3, 10.1, 10.1.1, 10.2, 10.2.1, 10.3, 10.3.1, 10.3.2, 10.3.3, 11, 11.0, 11.0.1, 11.0.2, 11.0.3, 11.1, 11.1.1, 11.1.2, 11.2, 11.2.1, 11.2.2, 11.2.5, 11.2.6, 11.3, 11.3.1, 11.4, 11.4.1, 12.0, 12.0.1
AppleMac Os X-, 10.0, 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, 10.1, 10.1.0, 10.1.1, 10.1.2, 10.1.3, 10.1.4, 10.1.5, 10.2, 10.2.0, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 10.2.5, 10.2.6, 10.2.7, 10.2.8, 10.3, 10.3.0, 10.3.1, 10.3.2, 10.3.3, 10.3.4, 10.3.5, 10.3.6, 10.3.7, 10.3.8, 10.3.9, 10.4, 10.4.0, 10.4.1, 10.4.2, 10.4.3, 10.4.4, 10.4.5, 10.4.6, 10.4.7, 10.4.8, 10.4.9, 10.4.10, 10.4.11, 10.5, 10.5.0, 10.5.1, 10.5.2, 10.5.3, 10.5.4, 10.5.5, 10.5.6, 10.5.7, 10.5.8, 10.6.0, 10.6.1, 10.6.2, 10.6.3, 10.6.4, 10.6.5, 10.6.6, 10.6.7, 10.6.8, 10.7.0, 10.7.1, 10.7.2, 10.7.3, 10.7.4, 10.7.5, 10.8.0, 10.8.1, 10.8.2, 10.8.3, 10.8.4, 10.8.5, 10.9, 10.9.1, 10.9.2, 10.9.3, 10.9.4, 10.9.5, 10.10.0, 10.10.1, 10.10.2, 10.10.3, 10.10.4, 10.10.5, 10.11.0, 10.11.1, 10.11.2, 10.11.3, 10.11.4, 10.11.5, 10.11.6, 10.12, 10.12.0, 10.12.1, 10.12.2, 10.12.3, 10.12.4, 10.12.5, 10.12.6, 10.13, 10.13.0, 10.13.1, 10.13.2, 10.13.3, 10.13.4, 10.13.5, 10.13.6
AppleTvos1.0.0, 1.1.0, 2.0.0, 2.0.1, 2.0.2, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.4.0, 3.0.0, 3.0.1, 3.0.2, 4.1.0, 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.3.0, 4.4.0, 4.4.2, 4.4.3, 4.4.4, 5.0.0, 5.0.1, 5.0.2, 5.1.0, 5.1.1, 5.2.0, 6.0, 6.0.1, 6.0.2, 6.1, 6.1.1, 6.1.2, 6.2, 6.2.1, 7.0, 7.0.1, 7.0.3, 7.1, 9.0, 9.0.1, 9.1, 9.1.1, 9.2, 9.2.1, 9.2.2, 10.0, 10.0.1, 10.1, 10.1.1, 10.2, 10.2.1, 10.2.2, 11, 11.0, 11.1, 11.2, 11.2.1, 11.2.6, 11.3, 11.4.1, 12, 12.0.1
AppleWatchos1.0, 1.0.1, 2.0, 2.0.1, 2.1, 2.2, 2.2.0, 2.2.1, 2.2.2, 3.0, 3.1, 3.1.1, 3.1.3, 3.2, 3.2.2, 3.2.3, 4, 4.0, 4.0.1, 4.1, 4.2.3, 4.3, 4.3.1, 4.3.2, 5.0, 5.0.1

Vendor Advisories

About Apple security updatesFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page For more information about security, see the Apple Product Security page You can encrypt ...
About Apple security updatesFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page For more information about security, see the Apple Product Security page You can encrypt ...
About Apple security updatesFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page For more information about security, see the Apple Product Security page You can encrypt ...
About Apple security updatesFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page For more information about security, see the Apple Product Security page You can encrypt ...

Mailing Lists

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-5 tvOS 121 tvOS 121 is now available and addresses the following: CoreCrypto Available for: Apple TV 4K and Apple TV (4th generation) Impact: An attacker may be able to exploit a weakness in the Miller-Rabin primality test to incorrectly identify prime numbers Description: An ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-4 watchOS 51 watchOS 51 is now available and addresses the following: AppleAVD Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation C ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-5 tvOS 121 tvOS 121 is now available and addresses the following: CoreCrypto Available for: Apple TV 4K and Apple TV (4th generation) Impact: An attacker may be able to exploit a weakness in the Miller-Rabin primality test to incorrectly identify prime numbers Description: An ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-1 iOS 121 iOS 121 is now available and addresses the following: AppleAVD Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing malicious video via FaceTime may lead to arbitrary code execution Description: A memory corruption ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-1 iOS 121 iOS 121 is now available and addresses the following: AppleAVD Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing malicious video via FaceTime may lead to arbitrary code execution Description: A memory corruption ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-4 watchOS 51 watchOS 51 is now available and addresses the following: AppleAVD Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation C ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-2 macOS Mojave 10141, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra macOS Mojave 10141, Security Update 2018-001 High Sierra, and Security Update 2018-005 Sierra are now available and address the following: afpserver Available for: macOS Sierra 1012 ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-2 macOS Mojave 10141, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra macOS Mojave 10141, Security Update 2018-001 High Sierra, and Security Update 2018-005 Sierra are now available and address the following: afpserver Available for: macOS Sierra 1012 ...

Github Repositories

CVE-pocs This repo contains some of my vuln research results