CVE-2017-7151

HIGH

iPhone OS < 11.2, macOS < 10.13.2, tvOS < 11.2, watchOS < 4.2, iTunes < 12.7.2 - Race Condition

Title source: llm
STIX 2.1

Description

A race condition was addressed with additional validation. This issue affected versions prior to iOS 11.2, macOS High Sierra 10.13.2, tvOS 11.2, watchOS 4.2, iTunes 12.7.2 for Windows, macOS High Sierra 10.13.4.

References (6)

Core 6
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/kb/HT208326
Vendor Advisory x_refsource_misc
https://support.apple.com/kb/HT208327
Vendor Advisory x_refsource_misc
https://support.apple.com/kb/HT208325
Vendor Advisory x_refsource_misc
https://support.apple.com/kb/HT208331
Vendor Advisory x_refsource_misc
https://support.apple.com/kb/HT208334
Vendor Advisory x_refsource_misc
https://support.apple.com/kb/HT208692

Scores

CVSS v3 7.0
EPSS 0.0100
EPSS Percentile 58.3%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-362
Status published
Products (5)
apple/iphone_os < 11.2
apple/itunes < 12.7.2
apple/mac_os_x < 10.13.2
apple/tvos < 11.2
apple/watchos < 4.2
Published Apr 03, 2019
Tracked Since Feb 18, 2026