PT-2021-8854 · Apple · Security Update 2018-003 El Capitan+2

Ben Erickson

Published

2021-12-23

Updated

2022-01-05

CVE-2018-4478

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions macOS High Sierra versions prior to 10.13.5 Security Update 2018-003 Sierra versions prior to the update Security Update 2018-003 El Capitan versions prior to the update

Description A validation issue was addressed with improved logic, allowing an attacker with physical access to a device to potentially elevate privileges.

Recommendations For macOS High Sierra versions prior to 10.13.5, update to macOS High Sierra 10.13.5. For Security Update 2018-003 Sierra, apply the Security Update 2018-003. For Security Update 2018-003 El Capitan, apply the Security Update 2018-003.

Fix

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2018-4478

Affected Products

Security Update 2018-003 El Capitan

Security Update 2018-003 Sierra

Macos High Sierra

PT-2021-8854 · Apple · Security Update 2018-003 El Capitan+2

CVE-2018-4478

Weakness Enumeration

Related Identifiers

Affected Products

References · 4