PT-2021-8558 · Apple · Macos High Sierra+2

Published

2021-12-23

Updated

2022-01-04

CVE-2017-13908

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions macOS High Sierra versions prior to 10.13.1 Security Update 2017-001 Sierra (affected versions not specified) Security Update 2017-004 El Capitan (affected versions not specified)

Description A local attacker may exploit an issue in handling file permissions to execute non-executable text files via an SMB share. The issue was addressed with improved validation.

Recommendations For macOS High Sierra versions prior to 10.13.1, update to macOS High Sierra 10.13.1 to resolve the issue. For Security Update 2017-001 Sierra, apply Security Update 2017-001 to resolve the issue. For Security Update 2017-004 El Capitan, apply Security Update 2017-004 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2017-13908

Affected Products

Security Update 2017-001 Sierra

Security Update 2017-004 El Capitan

Macos High Sierra

PT-2021-8558 · Apple · Macos High Sierra+2

CVE-2017-13908

Related Identifiers

Affected Products

References · 4