PT-2020-8920 · Apple · Security Update 2017-001 Sierra+4

Bijoora

Published

2020-10-27

Updated

2020-10-30

CVE-2018-4391

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions macOS High Sierra versions prior to 10.13.1 Security Update 2017-001 Sierra versions prior to the update Security Update 2017-004 El Capitan versions prior to the update watchOS versions prior to 4.3 iOS versions prior to 12.1

Description The issue is related to an inconsistent user interface that could be exploited by processing a maliciously crafted text message, potentially leading to UI spoofing. This is a result of inadequate state management.

Recommendations For macOS High Sierra, update to version 10.13.1 or later. For Security Update 2017-001 Sierra, apply the security update. For Security Update 2017-004 El Capitan, apply the security update. For watchOS, update to version 4.3 or later. For iOS, update to version 12.1 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-4391

Affected Products

Security Update 2017-001 Sierra

Security Update 2017-004 El Capitan

Ios

Macos High Sierra

Watchos

PT-2020-8920 · Apple · Security Update 2017-001 Sierra+4

CVE-2018-4391

Related Identifiers

Affected Products

References · 5