CVE-2018-4248

HIGH

iPhone OS < 11.4.1 - Out-of-bounds Read

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-4248. PoCs published by bazad.

AI-analyzed exploit summary This is a proof-of-concept exploit for CVE-2018-4248, an out-of-bounds memory read vulnerability in libxpc on macOS 10.13.5 and iOS 11.4. It leverages the vulnerability to read heap memory from diagnosticd, an unsandboxed root process.

Description

An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2.

Exploits (1)

nomisec WORKING POC 54 stars
by bazad · poc
https://github.com/bazad/xpc-string-leak

This is a proof-of-concept exploit for CVE-2018-4248, an out-of-bounds memory read vulnerability in libxpc on macOS 10.13.5 and iOS 11.4. It leverages the vulnerability to read heap memory from diagnosticd, an unsandboxed root process.

Classification
Working Poc 100%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: macOS 10.13.5, iOS 11.4 (libxpc)
No auth needed
Prerequisites: Access to a vulnerable macOS or iOS device · Ability to execute the exploit binary
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/kb/HT208937
Vendor Advisory x_refsource_misc
https://support.apple.com/kb/HT208938
Vendor Advisory x_refsource_misc
https://support.apple.com/kb/HT208935
Vendor Advisory x_refsource_misc
https://support.apple.com/kb/HT208936

Scores

CVSS v3 7.5
EPSS 0.0240
EPSS Percentile 81.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-125
Status published
Products (4)
apple/iphone_os < 11.4.1
apple/mac_os_x < 10.13.6
apple/tvos < 11.4.1
apple/watchos < 4.3.2
Published Apr 03, 2019
Tracked Since Feb 18, 2026