Out-of-Bounds Read Vulnerability in Apple Products
CVE-2018-4194

8.8HIGH

Key Information:

Vendor
Apple
Status
iPhone OS
Watch OS
Mac Os X
Vendor
CVE Published:
11 January 2019

Summary

An out-of-bounds read issue was identified in multiple Apple products, allowing improper handling of memory access. This could potentially allow an attacker to read sensitive information from memory beyond the allocated space, posing a risk of data exposure. Apple has addressed this issue by implementing improved input validation across the affected platforms, thereby reinforcing the security of user data.

References

https://support.apple.com/HT208853
x_refsource_MISC
https://support.apple.com/HT208848
x_refsource_MISC
https://support.apple.com/HT208852
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.