CVE-2018-4193

HIGH

macOS < 10.13.5 - Memory Corruption in Windows Server Component

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2018-4193. PoCs published by Synacktiv, Synacktiv-contrib.

AI-analyzed exploit summary This exploit targets CVE-2018-4193, a use-after-free vulnerability in Apple's WindowServer. It leverages heap manipulation and ROP chains to achieve arbitrary code execution.

Description

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Windows Server" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Exploits (2)

exploitdb WORKING POC

by Synacktiv · localmacos

https://www.exploit-db.com/exploits/46428

View Code ZIP pw:eip

This exploit targets CVE-2018-4193, a use-after-free vulnerability in Apple's WindowServer. It leverages heap manipulation and ROP chains to achieve arbitrary code execution.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Reliable

Target: Apple macOS WindowServer (versions affected by CVE-2018-4193)

No auth needed

Prerequisites: Local access to a vulnerable macOS system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec STUB 69 stars

by Synacktiv-contrib · poc

https://github.com/Synacktiv-contrib/CVE-2018-4193

View Code ZIP pw:eip

The repository contains only a README.md file with a title mentioning CVE-2018-4193 but no actual exploit code or technical details. It appears to be a placeholder or incomplete submission.

Classification

Stub 10%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: unknown

No auth needed

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/107135

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1041027

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/46428/

Vendor Advisory x_refsource_confirm

https://support.apple.com/HT208849

Scores

CVSS v3 7.8

EPSS 0.0569

EPSS Percentile 92.0%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (1)

apple/mac_os_x < 10.13.5

Published Jun 08, 2018

Tracked Since Feb 18, 2026