CVE-2018-4331

CRITICAL

iPhone OS < 12.0 - Memory Corruption

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-4331. PoCs published by bazad.

AI-analyzed exploit summary This is a working proof-of-concept exploit for CVE-2018-4331, targeting a race condition in GSSCred on macOS. The exploit uses JOP (Jump-Oriented Programming) techniques to achieve arbitrary code execution by reusing existing code fragments in the dyld shared cache.

Description

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

Exploits (1)

nomisec WORKING POC 24 stars

by bazad · poc

https://github.com/bazad/gsscred-race

View Code ZIP pw:eip

This is a working proof-of-concept exploit for CVE-2018-4331, targeting a race condition in GSSCred on macOS. The exploit uses JOP (Jump-Oriented Programming) techniques to achieve arbitrary code execution by reusing existing code fragments in the dyld shared cache.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Racy

Target: macOS GSSCred (likely affecting macOS High Sierra and earlier)

No auth needed

Prerequisites: Local access to a vulnerable macOS system · Compilation of the exploit code for the target architecture

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1211 - Exploitation for Defense Evasion

devstral-2 · analyzed Feb 16, 2026 Full analysis →