Sign-up

ID

VAR-201711-0429


CVE

CVE-2017-13829


TITLE

Apple macOS of CFNetwork Component vulnerable to arbitrary code execution in privileged context

Trust: 0.8

sources: JVNDB: JVNDB-2017-010386

DESCRIPTION

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the nsurlstoraged service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to escalate privileges under the context of the current service. Apple macOS High Sierra is a set of dedicated operating systems developed by Apple (Apple) for Mac computers. CFNetwork is one of the network protocol libraries. A security vulnerability exists in the CFNetwork component of Apple macOS High Sierra prior to 10.13.1

Trust: 2.34

sources: NVD: CVE-2017-13829 // JVNDB: JVNDB-2017-010386 // ZDI: ZDI-17-924 // VULHUB: VHN-104490

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:lteversion:10.13.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.11.6

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.12.6

Trust: 0.8

vendor:applemodel:macosscope: - version: -

Trust: 0.7

vendor:applemodel:mac os xscope:eqversion:10.13.0

Trust: 0.6

sources: ZDI: ZDI-17-924 // JVNDB: JVNDB-2017-010386 // CNNVD: CNNVD-201711-405 // NVD: CVE-2017-13829

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-13829
value: HIGH

Trust: 1.0

NVD: CVE-2017-13829
value: HIGH

Trust: 0.8

ZDI: CVE-2017-13829
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-201711-405
value: CRITICAL

Trust: 0.6

VULHUB: VHN-104490
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-13829
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2017-13829
severity: MEDIUM
baseScore: 4.4
vectorString: AV:L/AC:M/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.4
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

VULHUB: VHN-104490
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-13829
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: ZDI: ZDI-17-924 // VULHUB: VHN-104490 // JVNDB: JVNDB-2017-010386 // CNNVD: CNNVD-201711-405 // NVD: CVE-2017-13829

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-104490 // JVNDB: JVNDB-2017-010386 // NVD: CVE-2017-13829

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201711-405

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201711-405

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-010386

PATCH
title:Apple security updatesurl:https://support.apple.com/en-us/HT201222
Trust: 0.8
title:HT208221url:https://support.apple.com/en-us/HT208221
Trust: 0.8
title:HT208221url:https://support.apple.com/ja-jp/HT208221
Trust: 0.8
title:Apple has issued an update to correct this vulnerability.url:https://support.apple.com/en-us/HT208112
Trust: 0.7
title:Apple macOS High Sierra CFNetwork Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76273
Trust: 0.6
sources:
            
            
            ZDI: ZDI-17-924 // 
            
            
            
            JVNDB: JVNDB-2017-010386 // 
            
            
            
            CNNVD: CNNVD-201711-405

EXTERNAL IDS
db:NVDid:CVE-2017-13829
Trust: 3.2
db:JVNid:JVNVU99000953
Trust: 0.8
db:JVNDBid:JVNDB-2017-010386
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-4908
Trust: 0.7
db:ZDIid:ZDI-17-924
Trust: 0.7
db:CNNVDid:CNNVD-201711-405
Trust: 0.7
db:VULHUBid:VHN-104490
Trust: 0.1
sources:
            
            
            ZDI: ZDI-17-924 // 
            
            
            
            VULHUB: VHN-104490 // 
            
            
            
            JVNDB: JVNDB-2017-010386 // 
            
            
            
            CNNVD: CNNVD-201711-405 // 
            
            
            
            NVD: CVE-2017-13829

REFERENCES
url:https://support.apple.com/ht208221
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13829
Trust: 0.8
url:http://jvn.jp/vu/jvnvu99000953/index.html
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-13829
Trust: 0.8
url:https://support.apple.com/en-us/ht208112
Trust: 0.7
sources:
            
            
            ZDI: ZDI-17-924 // 
            
            
            
            VULHUB: VHN-104490 // 
            
            
            
            JVNDB: JVNDB-2017-010386 // 
            
            
            
            CNNVD: CNNVD-201711-405 // 
            
            
            
            NVD: CVE-2017-13829

CREDITS
Niklas Baumstark and Samuel Gro
Trust: 0.7
sources:
            
            
            ZDI: ZDI-17-924

SOURCES
db:ZDIid:ZDI-17-924
db:VULHUBid:VHN-104490
db:JVNDBid:JVNDB-2017-010386
db:CNNVDid:CNNVD-201711-405
db:NVDid:CVE-2017-13829

LAST UPDATE DATE
2025-04-20T22:50:52.538000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-17-924date:2017-11-20T00:00:00
db:VULHUBid:VHN-104490date:2017-11-27T00:00:00
db:JVNDBid:JVNDB-2017-010386date:2017-12-13T00:00:00
db:CNNVDid:CNNVD-201711-405date:2017-11-15T00:00:00
db:NVDid:CVE-2017-13829date:2025-04-20T01:37:25.860

SOURCES RELEASE DATE
db:ZDIid:ZDI-17-924date:2017-11-20T00:00:00
db:VULHUBid:VHN-104490date:2017-11-13T00:00:00
db:JVNDBid:JVNDB-2017-010386date:2017-12-13T00:00:00
db:CNNVDid:CNNVD-201711-405date:2017-11-15T00:00:00
db:NVDid:CVE-2017-13829date:2017-11-13T03:29:01.927