VDB

CVE-2018-4206

CVE-2018-4206 PUBLISHED CVSS 7.800000190734863 HIGH

An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Crash Reporter" component. It allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app that replaces a privileged port name.

EPSS 7.65% · 92.0th percentile

Risk Scores

CVSS 3.0
7.800000190734863
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
7.65%
92.0th percentile

Affected Products

VendorProductVersions
appleiphone_os0
n/an/an/a
applewatchos0
applemac_os_x0
appleapple_tv0

Exploit Intelligence

…and 4 more exploits

Timeline

  • Apr 24, 2018 CVE Published
  • Apr 30, 2018 PoC Published
  • Apr 30, 2018 PoC Published
  • Jan 25, 2019 PoC Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • May 25, 2022 EPSS Score
  • Aug 15, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›