Smartcard PIN Handling Issue in macOS High Sierra by Apple
CVE-2018-4179

5.5MEDIUM

Key Information:

Vendor: Apple
Status: Mac Os X
Vendor: CVE Published:; 11 January 2019

Summary

In macOS High Sierra prior to version 10.13.4, an improper handling of smartcard PINs was identified, which could lead to potential security concerns. This vulnerability was addressed by implementing additional logic to improve the handling process and enhance the overall security of smartcard interactions within the operating system.

References

https://support.apple.com/HT208692

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 11, 2019
Vulnerability Reserved
Jan 2, 2018