Details of VAR-201804-1157

ID

VAR-201804-1157

CVE

CVE-2018-4156

TITLE

Apple iOS and macOS of PluginKit Component vulnerable to arbitrary code execution in privileged context

Trust: 0.8

sources: JVNDB: JVNDB-2018-003684

DESCRIPTION

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "PluginKit" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. Apple iOS and macOS are prone to multiple security vulnerabilities. An attacker can exploit these issues to perform unauthorized actions, and gain elevated privileges. Failed exploit attempts will likely cause a denial-of-service condition. in the United States. Apple iOS is an operating system developed for mobile devices; macOS High Sierra is a dedicated operating system developed for Mac computers. PluginKit is one of the plugin building components

Trust: 1.98

sources: NVD: CVE-2018-4156 // JVNDB: JVNDB-2018-003684 // BID: 103581 // VULHUB: VHN-134187

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	lt	version:	10.13.4	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	11.3	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.11.6	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.12.6	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.13.3	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	11.3 (ipad air or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	11.3 (iphone 5s or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	11.3 (ipod touch first 6 generation )	Trust: 0.8
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.0	Trust: 0.6
vendor:	apple	model:	iphone os	scope:	eq	version:	1.0.2	Trust: 0.6
vendor:	apple	model:	iphone os	scope:	eq	version:	1.0.1	Trust: 0.6
vendor:	apple	model:	iphone os	scope:	eq	version:	1.1.1	Trust: 0.6
vendor:	apple	model:	iphone os	scope:	eq	version:	1.0.0	Trust: 0.6
vendor:	apple	model:	macos	scope:	eq	version:	10.13.3	Trust: 0.3
vendor:	apple	model:	macos	scope:	eq	version:	10.12.6	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	50	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	40	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	30	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	11.2.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	11.2.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	11.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	11.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	11.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	11	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	macos	scope:	ne	version:	10.13.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	ne	version:	11.3	Trust: 0.3

sources: BID: 103581 // JVNDB: JVNDB-2018-003684 // CNNVD: CNNVD-201804-154 // NVD: CVE-2018-4156

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-4156
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-4156
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201804-154
value:	HIGH
Trust: 0.6
VULHUB:	VHN-134187
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-4156
severity:	HIGH
baseScore:	7.6
vectorString:	AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-134187
severity:	HIGH
baseScore:	7.6
vectorString:	AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-4156
baseSeverity:	HIGH
baseScore:	7.0
vectorString:	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.0
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-134187 // JVNDB: JVNDB-2018-003684 // CNNVD: CNNVD-201804-154 // NVD: CVE-2018-4156

PROBLEMTYPE DATA

problemtype:	CWE-362	Trust: 1.9
problemtype:	CWE-264	Trust: 0.9

sources: VULHUB: VHN-134187 // JVNDB: JVNDB-2018-003684 // NVD: CVE-2018-4156

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201804-154

TYPE

competition condition problem

Trust: 0.6

sources: CNNVD: CNNVD-201804-154

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-003684

PATCH

title:	HT208692	url:	https://support.apple.com/en-us/HT208692	Trust: 0.8
title:	HT208693	url:	https://support.apple.com/en-us/HT208693	Trust: 0.8
title:	HT208692	url:	https://support.apple.com/ja-jp/HT208692	Trust: 0.8
title:	HT208693	url:	https://support.apple.com/ja-jp/HT208693	Trust: 0.8
title:	Apple iOS and macOS High Sierra PluginKit Repair measures for competitive conditions	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83006	Trust: 0.6

sources: JVNDB: JVNDB-2018-003684 // CNNVD: CNNVD-201804-154

EXTERNAL IDS

db:	NVD	id:	CVE-2018-4156	Trust: 2.8
db:	BID	id:	103581	Trust: 2.0
db:	SECTRACK	id:	1040608	Trust: 1.7
db:	SECTRACK	id:	1040604	Trust: 1.7
db:	JVN	id:	JVNVU92378299	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-003684	Trust: 0.8
db:	CNNVD	id:	CNNVD-201804-154	Trust: 0.6
db:	VULHUB	id:	VHN-134187	Trust: 0.1

sources: VULHUB: VHN-134187 // BID: 103581 // JVNDB: JVNDB-2018-003684 // CNNVD: CNNVD-201804-154 // NVD: CVE-2018-4156

REFERENCES

url:	http://www.securityfocus.com/bid/103581	Trust: 1.7
url:	https://support.apple.com/ht208692	Trust: 1.7
url:	https://support.apple.com/ht208693	Trust: 1.7
url:	http://www.securitytracker.com/id/1040604	Trust: 1.7
url:	http://www.securitytracker.com/id/1040608	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4156	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu92378299/index.html	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4156	Trust: 0.8
url:	https://www.apple.com/	Trust: 0.3
url:	http://www.apple.com/ios/	Trust: 0.3
url:	https://support.apple.com/en-ie/ht208693	Trust: 0.3
url:	https://support.apple.com/en-ie/ht208692	Trust: 0.3

sources: VULHUB: VHN-134187 // BID: 103581 // JVNDB: JVNDB-2018-003684 // CNNVD: CNNVD-201804-154 // NVD: CVE-2018-4156

CREDITS

Andreas Hegenberg of folivora.AI GmbH, Samuel Gro? (@5aelo), and an anonymous researcher.

Trust: 0.3

sources: BID: 103581

SOURCES

db:	VULHUB	id:	VHN-134187
db:	BID	id:	103581
db:	JVNDB	id:	JVNDB-2018-003684
db:	CNNVD	id:	CNNVD-201804-154
db:	NVD	id:	CVE-2018-4156

LAST UPDATE DATE

2024-11-23T20:09:03.663000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-134187	date:	2019-10-03T00:00:00
db:	BID	id:	103581	date:	2018-03-29T00:00:00
db:	JVNDB	id:	JVNDB-2018-003684	date:	2018-06-01T00:00:00
db:	CNNVD	id:	CNNVD-201804-154	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2018-4156	date:	2024-11-21T04:06:52.437

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-134187	date:	2018-04-03T00:00:00
db:	BID	id:	103581	date:	2018-03-29T00:00:00
db:	JVNDB	id:	JVNDB-2018-003684	date:	2018-06-01T00:00:00
db:	CNNVD	id:	CNNVD-201804-154	date:	2018-04-03T00:00:00
db:	NVD	id:	CVE-2018-4156	date:	2018-04-03T06:29:07.140