First published: Tue Oct 30 2018(Updated: )
A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
Credit: an anonymous researcher an anonymous researcher an anonymous researcher an anonymous researcher product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iPhone OS | <12.1 | |
Apple Mac OS X | <10.14.1 | |
Apple tvOS | <12.1 | |
Apple watchOS | <5.1 | |
Apple watchOS | <5.1 | 5.1 |
Apple tvOS | <12.1 | 12.1 |
Apple iOS | <12.1 | 12.1 |
Apple macOS Mojave | <10.14.1 | 10.14.1 |
Apple High Sierra | ||
Apple Sierra |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2018-4369 is a vulnerability in NetworkExtension that is caused by a logic issue in state management.
CVE-2018-4369 has a severity rating of 7.5 out of 10, indicating a high severity.
Versions of iOS prior to 12.1 are affected by CVE-2018-4369.
Versions of macOS prior to Mojave 10.14.1 are affected by CVE-2018-4369.
To fix CVE-2018-4369, update to iOS 12.1 or later, macOS Mojave 10.14.1 or later, tvOS 12.1 or later, or watchOS 5.1 or later.