First published: Thu Mar 29 2018(Updated: )
Notes. A race condition was addressed with additional validation.
Credit: Samuel Groß @5aelo product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Mac OS X | <10.13.4 | |
Apple macOS High Sierra | <10.13.4 | 10.13.4 |
Apple Sierra | ||
Apple El Capitan |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2018-4152 is a vulnerability in certain Apple products before macOS 10.13.4 that involves the Notes component and allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVE-2018-4152 affects macOS versions before 10.13.4.
CVE-2018-4152 has a severity rating of 7 (high).
To fix CVE-2018-4152, update your macOS to version 10.13.4 or later.
You can find more information about CVE-2018-4152 at the following references: [1] [2] [3].