Sign-up

ID

VAR-201712-1106


CVE

CVE-2017-7163


TITLE

Apple macOS of Intel Graphics Driver Component vulnerable to arbitrary code execution in privileged context

Trust: 0.8

sources: JVNDB: JVNDB-2017-011439

DESCRIPTION

An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Apple macOS High Sierra is a dedicated operating system developed by Apple for Mac computers

Trust: 1.71

sources: NVD: CVE-2017-7163 // JVNDB: JVNDB-2017-011439 // VULHUB: VHN-115366

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:ltversion:10.13.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.13.1

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.13.0

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.12.6

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.12.2

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.12.3

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.12.1

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.12.0

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.11.5

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.12.5

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.11.6

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.12.4

Trust: 0.6

sources: JVNDB: JVNDB-2017-011439 // CNNVD: CNNVD-201703-829 // NVD: CVE-2017-7163

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-7163
value: HIGH

Trust: 1.0

NVD: CVE-2017-7163
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201703-829
value: CRITICAL

Trust: 0.6

VULHUB: VHN-115366
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-7163
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-115366
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-7163
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-115366 // JVNDB: JVNDB-2017-011439 // CNNVD: CNNVD-201703-829 // NVD: CVE-2017-7163

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-115366 // JVNDB: JVNDB-2017-011439 // NVD: CVE-2017-7163

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-829

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201703-829

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-011439

PATCH
title:Apple security updatesurl:https://support.apple.com/en-us/HT201222
Trust: 0.8
title:HT208331url:https://support.apple.com/en-us/HT208331
Trust: 0.8
title:HT208331url:https://support.apple.com/ja-jp/HT208331
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2017-011439

EXTERNAL IDS
db:NVDid:CVE-2017-7163
Trust: 2.5
db:JVNid:JVNVU98418454
Trust: 0.8
db:JVNDBid:JVNDB-2017-011439
Trust: 0.8
db:CNNVDid:CNNVD-201703-829
Trust: 0.7
db:VULHUBid:VHN-115366
Trust: 0.1
sources:
            
            
            VULHUB: VHN-115366 // 
            
            
            
            JVNDB: JVNDB-2017-011439 // 
            
            
            
            CNNVD: CNNVD-201703-829 // 
            
            
            
            NVD: CVE-2017-7163

REFERENCES
url:https://support.apple.com/ht208331
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7163
Trust: 0.8
url:http://jvn.jp/vu/jvnvu98418454/index.html
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-7163
Trust: 0.8
sources:
            
            
            VULHUB: VHN-115366 // 
            
            
            
            JVNDB: JVNDB-2017-011439 // 
            
            
            
            CNNVD: CNNVD-201703-829 // 
            
            
            
            NVD: CVE-2017-7163

SOURCES
db:VULHUBid:VHN-115366
db:JVNDBid:JVNDB-2017-011439
db:CNNVDid:CNNVD-201703-829
db:NVDid:CVE-2017-7163

LAST UPDATE DATE
2025-04-20T22:23:41.765000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-115366date:2017-12-29T00:00:00
db:JVNDBid:JVNDB-2017-011439date:2018-01-16T00:00:00
db:CNNVDid:CNNVD-201703-829date:2017-12-28T00:00:00
db:NVDid:CVE-2017-7163date:2025-04-20T01:37:25.860

SOURCES RELEASE DATE
db:VULHUBid:VHN-115366date:2017-12-27T00:00:00
db:JVNDBid:JVNDB-2017-011439date:2018-01-16T00:00:00
db:CNNVDid:CNNVD-201703-829date:2017-03-20T00:00:00
db:NVDid:CVE-2017-7163date:2017-12-27T17:08:24.593