Multiple vulnerabilities in Apple iOS
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 31 |
| CVE-ID | CVE-2018-4365 CVE-2018-4366 CVE-2018-4367 CVE-2018-4368 CVE-2018-4369 CVE-2018-4371 CVE-2018-4372 CVE-2018-4373 CVE-2018-4374 CVE-2018-4375 CVE-2018-4376 CVE-2018-4377 CVE-2018-4378 CVE-2018-4382 CVE-2018-4384 CVE-2018-4385 CVE-2018-4386 CVE-2018-4387 CVE-2018-4388 CVE-2018-4390 CVE-2018-4391 CVE-2018-4392 CVE-2018-4394 CVE-2018-4398 CVE-2018-4400 CVE-2018-4409 CVE-2018-4413 CVE-2018-4416 CVE-2018-4419 CVE-2018-4420 CVE-2018-4427 |
| CWE-ID | CWE-125 CWE-119 CWE-20 CWE-401 CWE-79 CWE-451 CWE-200 CWE-264 CWE-122 CWE-400 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #17 is available. Public exploit code for vulnerability #28 is available. |
| Vulnerable software |
Apple iOS Operating systems & Components / Operating system |
| Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains information about 31 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU15656
Risk: Low
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4365
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to out-of-bounds read in Contacts component when handling malicious input. A remote attacker can trick the victim into processing a specially crafted vcf file, trigger memory corruption and cause the service to crash.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3 External linkshttps://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU15658
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4366
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to a boundary error in FaceTime component when handling malicious input. A remote attacker can trick the victim into processing a specially crafted file, trigger memory corruption and read arbitrary data.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Memory corruption
EUVDB-ID: #VU15642
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-4367
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in FaceTime component when handling malicious input. A remote attacker can initiate a FaceTime call, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper input validation
EUVDB-ID: #VU15615
Risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4368
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.
The weakness exists due to an error in WiFi component when handling malicious input. A remote attacker can supply a specially crafted input and cause the service to crash.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Memory leak
EUVDB-ID: #VU15638
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4369
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to memory leak in NetworkExtension component. A remote attacker can connect to a VPN server and access DNS queries from a DNS proxy.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds read
EUVDB-ID: #VU15633
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4371
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to out-of-bounds read in IPSec component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and gain elevated privileges.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Memory corruption
EUVDB-ID: #VU15647
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-4372
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Memory corruption
EUVDB-ID: #VU15648
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-4373
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Cross-site scripting
EUVDB-ID: #VU15662
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4374
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Memory corruption
EUVDB-ID: #VU15649
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-4375
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Memory corruption
EUVDB-ID: #VU15646
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-4376
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Cross-site scripting
EUVDB-ID: #VU15663
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4377
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Memory corruption
EUVDB-ID: #VU15666
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-4378
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Memory corruption
EUVDB-ID: #VU15650
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-4382
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Memory corruption
EUVDB-ID: #VU15641
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-4384
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in AppleAVD component when handling malicious input. A remote attacker can trick the victim into processing malicious video via FaceTime, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Spoofing attack
EUVDB-ID: #VU15665
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4385
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to conduct spoofing attack on the target system.
The weakness exists due to improper state management in WebKit component. A remote attacker can trick the victim into visiting a specially crafted website and spoof address bar.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Memory corruption
EUVDB-ID: #VU15651
Risk: High
CVSSv4.0: 7.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2018-4386
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: Yes
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
18) Information disclosure
EUVDB-ID: #VU15664
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4387
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
Description
The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.
The weakness exists due to an error in VoiceOver component during improper state management. A local attacker can view photos via Reply With Message from the lock screen.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Security restrictions bypass
EUVDB-ID: #VU15661
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4388
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description
The vulnerability allows a local attacker to bypass security restrictions on the target system.
The weakness exists due to an error in Notes component during improper access and privileges controls in lock screen. A local attacker can bypass security restrictions and share items from the lock screen.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Spoofing attack
EUVDB-ID: #VU15659
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4390
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to conduct spoofing attack on the target system.
The weakness exists due to improper state management in Messages component in inconsistent user interface. A remote attacker can send a specially crafted mail message and spoof UI.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Spoofing attack
EUVDB-ID: #VU15660
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4391
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to conduct spoofing attack on the target system.
The weakness exists due to improper state management in Messages component in inconsistent user interface. A remote attacker can send a specially crafted mail message and spoof UI.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Memory corruption
EUVDB-ID: #VU15652
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-4392
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Heap-based buffer overflow
EUVDB-ID: #VU15628
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-4394
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The weakness exists due to boundary error in ICU component when handling malicious input. A remote attacker can trick the victim into processing a specially crafted string, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Information disclosure
EUVDB-ID: #VU15621
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4398
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to an error in the Miller-Rabin primality test. A remote attacker can incorrectly identify prime numbers.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Improper input validation
EUVDB-ID: #VU15613
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4400
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to an error in Security component when processing a malicious input. A remote attacker can supply a specially crafted S/MIME signed message and cause the service to crash.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Resource exhaustion
EUVDB-ID: #VU15657
Risk: Low
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4409
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to resource exhaustion in Webkit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, consume excessive resources and cause the service to crash.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Information disclosure
EUVDB-ID: #VU15635
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4413
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
Description
The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.
The weakness exists due to boundary error in Kernel component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and read restricted memory.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Memory corruption
EUVDB-ID: #VU15653
Risk: High
CVSSv4.0: 7.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2018-4416
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: Yes
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
29) Memory corruption
EUVDB-ID: #VU15600
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4419
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to boundary error in Kernel component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Memory corruption
EUVDB-ID: #VU15598
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4420
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to boundary error in Kernel component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Memory corruption
EUVDB-ID: #VU15644
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-4427
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in IOHIDFamily component when handling malicious input. A remote attacker can trick the victim into processing a specially crafted input, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 12.1.
Vulnerable software versionsApple iOS: 12.0 16A366 - 12.0.1 16A404
CPE2.3https://support.apple.com/en-gb/HT209192
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
