CVE-2017-13905
HIGHiPhone OS < 11.2, macOS < 10.13.2, tvOS < 11.2, watchOS < 4.2 - Privilege Escalation via Race Condition
Title source: llmDescription
A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan, watchOS 4.2. An application may be able to gain elevated privileges.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT208325
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT208327
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT208334
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT208331
Scores
CVSS v3
8.1
EPSS
0.0091
EPSS Percentile
55.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-362
Status
published
Products (7)
apple/iphone_os
< 11.2
apple/mac_os_x
10.11.6 (8 CPE variants)
apple/mac_os_x
10.12.6 (2 CPE variants)
apple/mac_os_x
10.11 - 10.11.6
apple/macos
< 10.13.2
apple/tvos
< 11.2
apple/watchos
< 4.2
Published
Dec 23, 2021
Tracked Since
Feb 18, 2026