CVE-2018-4387: Infoleak

Reference Links

• https://support.apple.com/en-us/HT209192 (Advisory)
• https://support.apple.com/kb/HT209192

Parent vulnerabilities

(Appears in the following advisories)

• HT209192

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2018-4384
• CVE-2018-4339
• CVE-2018-4365
• CVE-2018-4398
• CVE-2018-4366
• CVE-2018-4367
• CVE-2018-4394
• CVE-2018-4427
• CVE-2018-4371
• CVE-2018-4420
• CVE-2018-4413
• CVE-2018-4419
• CVE-2018-4381
• CVE-2018-4390
• CVE-2018-4391
• CVE-2018-4369
• CVE-2018-4388
• CVE-2018-4374
• CVE-2018-4377
• CVE-2018-4400
• CVE-2018-4387
• CVE-2018-4385
• CVE-2018-4372
• CVE-2018-4373
• CVE-2018-4375
• CVE-2018-4376
• CVE-2018-4382
• CVE-2018-4386
• CVE-2018-4392
• CVE-2018-4416
• CVE-2018-4409
• CVE-2018-4378
• CVE-2018-4368

Frequently Asked Questions

• How can an attacker leverage CVE-2018-4387?

  An attacker can use this vulnerability to access photos on a locked device by exploiting a lock screen issue.

• Which versions of iOS are affected by CVE-2018-4387?

  Versions prior to iOS 12.1 are affected.

• What is the severity rating for CVE-2018-4387?

  The severity rating for CVE-2018-4387 is low, with a CVSS score of 2.4.

• How was CVE-2018-4387 addressed?

  CVE-2018-4387 was addressed with improved state management.

• Where can I find more information about CVE-2018-4387?

  More information about CVE-2018-4387 can be found on the Apple support website: https://support.apple.com/kb/HT209192