First published: Tue Oct 31 2017(Updated: )
Login Window. A state management issue was addressed with improved state validation.
Credit: an anonymous researcher product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS High Sierra | <10.13.1 | 10.13.1 |
Apple Sierra | ||
Apple El Capitan | ||
Apple Mac OS X | >=10.11<10.11.6 | |
Apple Mac OS X | >=10.12<=10.12.5 | |
Apple Mac OS X | =10.11.6 | |
Apple Mac OS X | =10.11.6-security_update_2016-001 | |
Apple Mac OS X | =10.11.6-security_update_2016-002 | |
Apple Mac OS X | =10.11.6-security_update_2016-003 | |
Apple Mac OS X | =10.11.6-security_update_2017-001 | |
Apple Mac OS X | =10.11.6-security_update_2017-002 | |
Apple Mac OS X | =10.11.6-security_update_2017-003 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2017-13907 is a vulnerability in the Login Window of macOS High Sierra, Sierra, and El Capitan that allows the screen lock to unexpectedly remain unlocked.
CVE-2017-13907 has a severity rating of 6.8, which is considered medium.
CVE-2017-13907 affects macOS High Sierra 10.13.1, Sierra, and El Capitan.
To fix CVE-2017-13907, update to macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, or Security Update 2017-004 El Capitan.
You can find more information about CVE-2017-13907 on the following page: https://support.apple.com/en-us/HT208221.