First published: Mon Sep 25 2017(Updated: )
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Application Firewall" component. It allows remote attackers to bypass intended settings in opportunistic circumstances by leveraging incorrect handling of a denied setting after an upgrade.
Credit: product-security@apple.com an anonymous researcher
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Mac OS X | <=10.12.6 | |
Apple macOS High Sierra | <10.13 | 10.13 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2017-7084 is a vulnerability that affects certain Apple products running macOS before version 10.13.
CVE-2017-7084 allows remote attackers to bypass firewall settings in certain opportunistic circumstances after an upgrade.
The severity level of CVE-2017-7084 is medium, with a CVSSv2 score of 3.7 out of 10.
CVE-2017-7084 affects macOS versions before 10.13.
To fix CVE-2017-7084, users should update their macOS to version 10.13 or newer.