Sign-up

ID

VAR-201705-3994


CVE

CVE-2017-6990


TITLE

Apple OS X of HFS Vulnerability that bypasses memory read restrictions in components

Trust: 0.8

sources: JVNDB: JVNDB-2017-003829

DESCRIPTION

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "HFS" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Apple OS X of HFS A component contains a vulnerability that bypasses memory read restrictions.An attacker could bypass the memory read limit through a crafted application. This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the handling of HFS. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges in the context of the kernel. Apple macOS is prone to multiple security vulnerabilities. An attacker can exploit these issues to gain elevated privileges, perform unauthorized actions and execute arbitrary code with kernel privileges. Failed exploit attempts will likely cause a denial-of-service condition. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. HFS is one of the network file upload components

Trust: 2.61

sources: NVD: CVE-2017-6990 // JVNDB: JVNDB-2017-003829 // ZDI: ZDI-17-352 // BID: 98483 // VULHUB: VHN-115193

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:eqversion:10.12.4

Trust: 1.4

vendor:applemodel:mac os xscope:lteversion:10.12.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.10.5

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.11.6

Trust: 0.8

vendor:applemodel:macosscope: - version: -

Trust: 0.7

vendor:applemodel:macosscope:eqversion:10.12.4

Trust: 0.3

vendor:applemodel:macosscope:eqversion:10.12.3

Trust: 0.3

vendor:applemodel:macosscope:eqversion:10.12.2

Trust: 0.3

vendor:applemodel:macosscope:eqversion:10.12.1

Trust: 0.3

vendor:applemodel:macosscope:eqversion:10.12

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.10.5

Trust: 0.3

vendor:applemodel:macosscope:neversion:10.12.5

Trust: 0.3

sources: ZDI: ZDI-17-352 // BID: 98483 // JVNDB: JVNDB-2017-003829 // CNNVD: CNNVD-201705-962 // NVD: CVE-2017-6990

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-6990
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-6990
value: MEDIUM

Trust: 0.8

ZDI: CVE-2017-6990
value: LOW

Trust: 0.7

CNNVD: CNNVD-201705-962
value: MEDIUM

Trust: 0.6

VULHUB: VHN-115193
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-6990
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2017-6990
severity: LOW
baseScore: 1.9
vectorString: AV:L/AC:M/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.4
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

VULHUB: VHN-115193
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-6990
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: ZDI: ZDI-17-352 // VULHUB: VHN-115193 // JVNDB: JVNDB-2017-003829 // CNNVD: CNNVD-201705-962 // NVD: CVE-2017-6990

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-284

Trust: 0.9

sources: VULHUB: VHN-115193 // JVNDB: JVNDB-2017-003829 // NVD: CVE-2017-6990

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201705-962

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201705-962

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-003829

PATCH
title:HT207797url:https://support.apple.com/en-us/HT207797
Trust: 1.5
title:Apple security updatesurl:https://support.apple.com/en-us/HT201222
Trust: 0.8
title:HT207797url:https://support.apple.com/ja-jp/HT207797
Trust: 0.8
title:Apple macOS Sierra HFS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70438
Trust: 0.6
sources:
            
            
            ZDI: ZDI-17-352 // 
            
            
            
            JVNDB: JVNDB-2017-003829 // 
            
            
            
            CNNVD: CNNVD-201705-962

EXTERNAL IDS
db:NVDid:CVE-2017-6990
Trust: 3.5
db:SECTRACKid:1038484
Trust: 1.7
db:JVNid:JVNVU98089541
Trust: 0.8
db:JVNDBid:JVNDB-2017-003829
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-4615
Trust: 0.7
db:ZDIid:ZDI-17-352
Trust: 0.7
db:CNNVDid:CNNVD-201705-962
Trust: 0.7
db:BIDid:98483
Trust: 0.3
db:VULHUBid:VHN-115193
Trust: 0.1
sources:
            
            
            ZDI: ZDI-17-352 // 
            
            
            
            VULHUB: VHN-115193 // 
            
            
            
            BID: 98483 // 
            
            
            
            JVNDB: JVNDB-2017-003829 // 
            
            
            
            CNNVD: CNNVD-201705-962 // 
            
            
            
            NVD: CVE-2017-6990

REFERENCES
url:https://support.apple.com/ht207797
Trust: 1.7
url:http://www.securitytracker.com/id/1038484
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6990
Trust: 0.8
url:http://jvn.jp/vu/jvnvu98089541/index.html
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-6990
Trust: 0.8
url:https://support.apple.com/en-us/ht207797
Trust: 0.7
url:https://www.apple.com/
Trust: 0.3
sources:
            
            
            ZDI: ZDI-17-352 // 
            
            
            
            VULHUB: VHN-115193 // 
            
            
            
            BID: 98483 // 
            
            
            
            JVNDB: JVNDB-2017-003829 // 
            
            
            
            CNNVD: CNNVD-201705-962 // 
            
            
            
            NVD: CVE-2017-6990

CREDITS
Chaitin Security Research Lab
Trust: 0.7
sources:
            
            
            ZDI: ZDI-17-352

SOURCES
db:ZDIid:ZDI-17-352
db:VULHUBid:VHN-115193
db:BIDid:98483
db:JVNDBid:JVNDB-2017-003829
db:CNNVDid:CNNVD-201705-962
db:NVDid:CVE-2017-6990

LAST UPDATE DATE
2025-04-20T20:13:02.260000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-17-352date:2017-05-18T00:00:00
db:VULHUBid:VHN-115193date:2019-10-03T00:00:00
db:BIDid:98483date:2017-05-15T00:00:00
db:JVNDBid:JVNDB-2017-003829date:2017-06-08T00:00:00
db:CNNVDid:CNNVD-201705-962date:2019-10-23T00:00:00
db:NVDid:CVE-2017-6990date:2025-04-20T01:37:25.860

SOURCES RELEASE DATE
db:ZDIid:ZDI-17-352date:2017-05-18T00:00:00
db:VULHUBid:VHN-115193date:2017-05-22T00:00:00
db:BIDid:98483date:2017-05-15T00:00:00
db:JVNDBid:JVNDB-2017-003829date:2017-06-08T00:00:00
db:CNNVDid:CNNVD-201705-962date:2017-05-24T00:00:00
db:NVDid:CVE-2017-6990date:2017-05-22T05:29:03.177