CNVD-2018-12251 — Vulnetix

CNVD-2018-12251 PUBLISHED

Apple iOS、macOS High Sierra、tvOS和watchOS都是美国苹果（Apple）公司的产品。Apple iOS是为移动设备所开发的一套操作系统；macOS High Sierra是一套专为Mac计算机所开发的专用操作系统；tvOS是一套智能电视操作系统；watchOS是一套智能手表操作系统。libxpc是其中的一个Apple XPC库的开源实现。多款Apple产品中的libxpc组件存在安全漏洞，该漏洞源于程序中存在逻辑错误。攻击者可借助特制应用程序利用该漏洞获取提升的权限。

Affected Products

Vendor	Product	Versions
n/a	n/a	*

Timeline

Mar 1, 2018 CVE Published
Nov 27, 2018 PoC Published
Nov 29, 2018 PoC Published
Feb 6, 2025 PoC Published
Feb 23, 2025 PoC Published
Jul 31, 2025 PoC Published
Aug 31, 2025 PoC Published

References

https://support.apple.com/HT208850 url
https://support.apple.com/HT208851 url
1041027 vdb
https://support.apple.com/HT208848 url
https://support.apple.com/HT208849 url
45916 exploit

Open in Interactive Console →