Buffer Overflow in IBM Trusteer Rapport/Apex Affects Legacy Driver
CVE-2018-1985

4.4MEDIUM

Key Information:

Vendor: IBM
Status: Security Trusteer Rapport; Security Rapport For Mac OS
Vendor: CVE Published:; 24 August 2020

What is CVE-2018-1985?

IBM Trusteer Rapport/Apex version 3.6.1908.22 includes an unused legacy driver susceptible to a buffer overflow. This vulnerability allows a user with administrative privileges to exploit the flaw, potentially leading to a system crash characterized by a kernel panic. Addressing this issue is crucial for maintaining system integrity and security.

Affected Version(s)

Security Rapport for MacOS 3.6.1908.22

Security Trusteer Rapport 3.6.1908.22

References

https://www.ibm.com/support/docview.wss?uid=ibm10869212

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/154207

vdb-entryx_refsource_XF

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 24, 2020
Vulnerability Reserved
Dec 13, 2017