First published: Wed Sep 12 2018(Updated: )
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.
Credit: Vasyl Tkachuk ReaddleVasyl Tkachuk Readdlean anonymous researcher Vasyl Tkachuk ReaddleVasyl Tkachuk ReaddleVasyl Tkachuk Readdle product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iCloud for Windows | <7.7 | 7.7 |
Apple iTunes for Windows | <12.9 | 12.9 |
Apple watchOS | <5 | 5 |
Apple macOS Mojave | <10.14 | 10.14 |
Apple tvOS | <12 | 12 |
Apple iOS | <12 | 12 |
Apple iPhone OS | <12.0 | |
Apple Mac OS X | <10.14 | |
Apple tvOS | <12 | |
Apple watchOS | <5.0 | |
Apple iCloud | <7.7 | |
Apple iTunes | <12.9 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
CVE-2018-4347 is a vulnerability in Apple devices that allows for a use after free issue due to improved memory management.
Devices running iOS versions prior to 12, macOS Mojave versions prior to 10.14, tvOS versions prior to 12, watchOS versions prior to 5, iTunes for Windows versions prior to 12.9, and iCloud for Windows versions prior to 7.7 are affected by CVE-2018-4347.
CVE-2018-4347 has a severity rating of 7.8, which is considered high.
To fix CVE-2018-4347, update your Apple devices to the latest versions of iOS, macOS Mojave, tvOS, watchOS, iTunes for Windows, and iCloud for Windows. Refer to Apple's support page for more information.
The CWE ID for CVE-2018-4347 is 416.