PT-2018-1252 · Apple · Xcode+1

Published

2018-03-29

Updated

2018-05-04

CVE-2018-4164

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Xcode versions prior to 9.3

Description The issue involves the LLVM component and is related to insecure privilege management. Exploitation of this issue may allow a remote attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations For Xcode versions prior to 9.3, update to version 9.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the LLVM component to minimize the risk of exploitation.

Fix

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

BDU:2018-00725

CVE-2018-4164

Affected Products

Llvm

Xcode

PT-2018-1252 · Apple · Xcode+1

CVE-2018-4164

Weakness Enumeration

Related Identifiers

Affected Products

References · 9