CVE-2018-4162

HIGH

Safari < 11.1 - Remote Code Execution via Crafted Web Site

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-4162. PoCs published by kudima, Ian Beer, WanderingGlitch, timwr, including Metasploit module exploits/apple_ios/browser/safari_jit.

AI-analyzed exploit summary This Metasploit module exploits a JIT optimization bug in Safari WebKit (CVE-2016-4669) to achieve arbitrary code execution on iOS 7.1.2. It leverages a kernel exploit to obtain root privileges and disable code signing, then downloads and executes a Meterpreter payload.

Description

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Exploits (1)

metasploit WORKING POC GOOD

by kudima, Ian Beer, WanderingGlitch, timwr · rubypocapple_ios

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/apple_ios/browser/safari_jit.rb

View Code ZIP pw:eip

This Metasploit module exploits a JIT optimization bug in Safari WebKit (CVE-2016-4669) to achieve arbitrary code execution on iOS 7.1.2. It leverages a kernel exploit to obtain root privileges and disable code signing, then downloads and executes a Meterpreter payload.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Racy

Target: Safari WebKit on iOS 7.1.2

No auth needed

Prerequisites: Target device running iOS 7.1.2 · Safari browser access

MITRE ATT&CK