VDB

CVE-2018-4090

CVE-2018-4090 PUBLISHED CVSS 5.5 MEDIUM

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

EPSS 4.50% · 89.3th percentile

Risk Scores

CVSS 3.0
5.5
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS Score
4.50%
89.3th percentile

Affected Products

VendorProductVersions
appleapple_tv0
appleiphone_os0
applemac_os_x0
applewatchos0
n/an/an/a

Exploit Intelligence

…and 1 more exploits

Timeline

  • Jan 24, 2018 CVE Published
  • Jan 29, 2018 PoC Published
  • Jan 29, 2018 PoC Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 5, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›