What is CVE-2017-13873?

CVE-2017-13873 is a vulnerability in certain Apple products that allows attackers to obtain sensitive network-activity information about arbitrary apps.

Which Apple products are affected by CVE-2017-13873?

iOS before version 11, macOS before version 10.13, tvOS before version 11, and watchOS before version 4 are affected by CVE-2017-13873.

What is the severity of CVE-2017-13873?

CVE-2017-13873 has a severity keyword of 'medium' and a severity value of 4.3.

How can I fix CVE-2017-13873?

To fix CVE-2017-13873, update your Apple product to the latest version of iOS, macOS, tvOS, or watchOS, depending on the affected product.

Where can I find more information about CVE-2017-13873?

You can find more information about CVE-2017-13873 on the Apple support website: [https://support.apple.com/HT208112](https://support.apple.com/HT208112), [https://support.apple.com/HT208113](https://support.apple.com/HT208113), [https://support.apple.com/HT208115](https://support.apple.com/HT208115).

Vulnerability/
CVE-2017-13873

medium

4.3

CWE

200

19/9/2017

3/4/2018

5/8/2024

CVE-2017-13873: Infoleak

First published: Tue Sep 19 2017(Updated: )

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to obtain sensitive network-activity information about arbitrary apps via a crafted app.

Credit: Xiaokuan Zhang Yinqian Zhang The Ohio State UniversityXueqiang Wang XiaoFeng Wang Indiana University Bloomington Xiaolong Bai Tsinghua University product-security@apple.com

Affected Software	Affected Version	How to fix
tvOS	<11	11
macOS High Sierra	<10.13	10.13
Apple iOS, iPadOS, and watchOS	<11	11
Apple iOS, iPadOS, and watchOS	<4	4
iOS	<11.0
Apple iOS and macOS	<10.13
tvOS	<11.0
Apple iOS, iPadOS, and watchOS	<4.0

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2017-13832
CVE-2017-13829
CVE-2017-13833
CVE-2017-7083
CVE-2017-0381
CVE-2017-13825
CVE-2017-13815
CVE-2017-13828
CVE-2017-13830
CVE-2017-13814
CVE-2017-13831
CVE-2017-13817
CVE-2017-13818
CVE-2017-13836
CVE-2017-13841
CVE-2017-13840
CVE-2017-13842
CVE-2017-13782
CVE-2017-13843
CVE-2017-7114
CVE-2017-13854
CVE-2017-13834
CVE-2017-13873
CVE-2017-13813
CVE-2017-13816
CVE-2017-13812
CVE-2017-7086
CVE-2017-1000373
CVE-2016-9063
CVE-2017-9233
CVE-2017-9049
CVE-2017-5130
CVE-2017-7376
CVE-2017-9050
CVE-2017-13822
CVE-2017-7080
CVE-2017-10989
CVE-2017-7128
CVE-2017-7129
CVE-2017-7130
CVE-2017-7127
CVE-2017-7081
CVE-2017-7087
CVE-2017-7091
CVE-2017-7092
CVE-2017-7093
CVE-2017-7094
CVE-2017-7095
CVE-2017-7096
CVE-2017-7098
CVE-2017-7099
CVE-2017-7100
CVE-2017-7102
CVE-2017-7104
CVE-2017-7107
CVE-2017-7111
CVE-2017-7117
CVE-2017-7120
CVE-2017-7090
CVE-2017-7109
CVE-2017-11120
CVE-2017-11121
CVE-2017-7103
CVE-2017-7105
CVE-2017-7108
CVE-2017-7110
CVE-2017-7112
CVE-2017-7115
CVE-2017-7116
CVE-2017-11122
CVE-2016-9840
CVE-2016-9841
CVE-2016-9842
CVE-2016-9843
CVE-2016-0736
CVE-2016-2161
CVE-2016-5387
CVE-2016-8740
CVE-2016-8743
CVE-2017-13909
CVE-2017-13809
CVE-2017-7084
CVE-2017-7074
CVE-2017-13820
CVE-2017-13807
CVE-2017-7143
CVE-2017-13821
CVE-2017-13890
CVE-2017-13851
CVE-2017-7138
CVE-2017-7121
CVE-2017-7122
CVE-2017-7123
CVE-2017-7124
CVE-2017-7125
CVE-2017-7126
CVE-2017-13811
CVE-2017-13835
CVE-2017-11103
CVE-2017-13819
CVE-2017-13837
CVE-2017-13906
CVE-2017-7077
CVE-2017-7119
CVE-2017-13810
CVE-2017-13827
CVE-2016-4736
CVE-2018-4302
CVE-2017-7141
CVE-2017-7078
CVE-2017-6451
CVE-2017-6452
CVE-2017-6455
CVE-2017-6458
CVE-2017-6459
CVE-2017-6460
CVE-2017-6462
CVE-2017-6463
CVE-2017-6464
CVE-2016-9042
CVE-2017-13824
CVE-2017-13846
CVE-2017-10140
CVE-2017-7132
CVE-2017-13823
CVE-2017-13808
CVE-2017-13838
CVE-2017-7082
CVE-2017-13908
CVE-2017-13839
CVE-2017-13910
CVE-2017-13863
CVE-2017-7131
CVE-2017-7088
CVE-2017-7072
CVE-2017-7140
CVE-2017-7148
CVE-2017-7097
CVE-2017-7118
CVE-2017-7133
CVE-2017-7075
CVE-2017-7139
CVE-2017-13806
CVE-2017-7085
CVE-2017-13877
CVE-2017-7146
CVE-2017-6211
CVE-2017-7145
CVE-2017-7089
CVE-2017-7106
CVE-2017-7144
CVE-2017-7142

Frequently Asked Questions

What is CVE-2017-13873?
CVE-2017-13873 is a vulnerability in certain Apple products that allows attackers to obtain sensitive network-activity information about arbitrary apps.
Which Apple products are affected by CVE-2017-13873?
iOS before version 11, macOS before version 10.13, tvOS before version 11, and watchOS before version 4 are affected by CVE-2017-13873.
What is the severity of CVE-2017-13873?
CVE-2017-13873 has a severity keyword of 'medium' and a severity value of 4.3.
How can I fix CVE-2017-13873?
To fix CVE-2017-13873, update your Apple product to the latest version of iOS, macOS, tvOS, or watchOS, depending on the affected product.
Where can I find more information about CVE-2017-13873?
You can find more information about CVE-2017-13873 on the Apple support website: [https://support.apple.com/HT208112](https://support.apple.com/HT208112), [https://support.apple.com/HT208113](https://support.apple.com/HT208113), [https://support.apple.com/HT208115](https://support.apple.com/HT208115).

agent/type
agent/first-publish-date
agent/weakness
agent/references
agent/author
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/trending
agent/source
collector/apple-support
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
collector/nvd-index
vendor/apple
canonical/tvos
canonical/macos high sierra
canonical/apple ios, ipados, and watchos
canonical/ios
canonical/apple ios and macos