CVE-2018-4178

MEDIUM

macOS < 10.13.4 - Unprotected User Data Exposure via Incorrect Permission Assignment

Title source: llm
STIX 2.1

Description

A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation. This issue affected versions prior to macOS High Sierra 10.13.4.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/kb/HT208937

Scores

CVSS v3 5.5
EPSS 0.0026
EPSS Percentile 17.4%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-732
Status published
Products (1)
apple/mac_os_x < 10.13.4
Published Apr 03, 2019
Tracked Since Feb 18, 2026