CVE-2018-4095: Buffer Overflow
First published: Tue Apr 03 2018(Updated: )
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Core Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Apple Tv | <11.2.5 | |
| Apple iPhone OS | <11.2.5 | |
| Apple watchOS | <4.2.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-4095?
The severity of CVE-2018-4095 is critical, with a severity value of 7.8.
Which Apple products are affected by CVE-2018-4095?
iOS before 11.2.5, tvOS before 11.2.5, and watchOS before 4.2.2 are affected by CVE-2018-4095.
What is the issue with CVE-2018-4095?
CVE-2018-4095 involves the "Core Bluetooth" component and allows attackers to execute arbitrary code in a privileged context or cause a denial of service.
How can CVE-2018-4095 be exploited?
CVE-2018-4095 can be exploited by exploiting the vulnerability in the "Core Bluetooth" component to execute arbitrary code or cause a denial of service.
Where can I find more information about CVE-2018-4095?
More information about CVE-2018-4095 can be found at the following references: [1] [2] [3].
- agent/type
- agent/references
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/severity
- agent/weakness
- agent/author
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple apple tv
- canonical/apple iphone os
- canonical/apple watchos