Sandboxing Access Issue in macOS High Sierra by Apple
CVE-2018-4183

8.2HIGH

Key Information:

Vendor
Apple
Status
Mac Os X
Vendor
CVE Published:
11 January 2019

Summary

An access control issue in macOS High Sierra prior to version 10.13.5 allowed unauthorized access due to insufficient sandbox restrictions. This vulnerability could potentially allow a malicious application to breach user data security practices by exploiting the limitations in the sandbox, enabling it to gain elevated privileges improperly. Users are encouraged to upgrade to the latest macOS version to mitigate the risks associated with this vulnerability and enhance their system's security.

References

https://www.debian.org/security/2018/dsa-4243
vendor-advisoryx_refsource_DEBIAN
https://support.apple.com/HT208849
x_refsource_CONFIRM
https://security.gentoo.org/glsa/201908-08
vendor-advisoryx_refsource_GENTOO

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.