CVE-2018-4404

HIGH EXPLOITED

Safari Proxy Object Type Confusion

Title source: metasploit
STIX 2.1

Exploitation Summary

CVE-2018-4404 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 2 public exploits from researchers including Metasploit, saelo, including a Metasploit module exploits/osx/browser/safari_proxy_object_type_confusion.

AI-analyzed exploit summary This Metasploit module exploits a type confusion vulnerability in WebKit's JavaScript Proxy object (CVE-2018-4233) and a logic error in libxpc (CVE-2018-4404) to achieve remote code execution on macOS versions 10.12 to 10.13.3.

Description

In iOS before 11.4 and macOS High Sierra before 10.13.5, a memory corruption issue exists and was addressed with improved memory handling.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotemacos
https://www.exploit-db.com/exploits/45998

This Metasploit module exploits a type confusion vulnerability in WebKit's JavaScript Proxy object (CVE-2018-4233) and a logic error in libxpc (CVE-2018-4404) to achieve remote code execution on macOS versions 10.12 to 10.13.3.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: Apple Safari on macOS 10.12 to 10.13.3
No auth needed
Prerequisites: Victim must visit a malicious webpage · Target macOS version must be vulnerable
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC MANUAL
by saelo · rubypocosx
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/browser/safari_proxy_object_type_confusion.rb

This Metasploit module exploits a type confusion vulnerability in WebKit's JavaScript Proxy object (CVE-2018-4233) and a logic error in libxpc (CVE-2018-4404) to achieve remote code execution on macOS Safari. It uses a two-stage payload to bypass mitigations and execute arbitrary commands.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: Apple Safari on macOS versions 10.12 to 10.13.3
No auth needed
Prerequisites: Victim must visit a malicious webpage using a vulnerable version of Safari · macOS version between 10.12 and 10.13.3
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT208849
Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/45998/
Vendor Advisory x_refsource_misc
https://support.apple.com/HT208848%2C

Scores

CVSS v3 8.8
EPSS 0.7023
EPSS Percentile 98.7%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

VulnCheck KEV 2024-05-29
CWE
CWE-119
Status published
Products (2)
apple/iphone_os < 11.4
apple/mac_os_x 10.13.0 - 10.13.5
Published Jan 11, 2019
Tracked Since Feb 18, 2026