Assertion Failure Vulnerability in Apple Products
CVE-2018-4208

8.8HIGH

Key Information:

Vendor

Apple
Status
iPhone OS
Safari
Watch OS
TV OS
Vendor
CVE Published:
11 January 2019

What is CVE-2018-4208?

Prior to updates in iOS 11.3, Safari 11.1, iCloud for Windows 7.4, tvOS 11.3, watchOS 4.3, and iTunes 12.7.4 for Windows, an assertion failure may occur due to unexpected interactions within the affected products. This vulnerability can lead to instability or unintended behaviors, posing potential risks to user experience and security. Apple has addressed this issue through improved validation checks in the respective updates.

References

https://support.apple.com/HT208695%2C
x_refsource_MISC
https://support.apple.com/HT208694%2C
x_refsource_MISC
https://support.apple.com/HT208697%2C
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2018-4208 : Assertion Failure Vulnerability in Apple Products