CVE-2018-4415

HIGH

macOS < 10.14.1 - Memory Corruption

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-4415. PoCs published by T1V0h.

AI-analyzed exploit summary This PoC exploits an integer overflow vulnerability in CoreAnimation (CVE-2018-4415) by sending a crafted Mach message to the CARenderServer service, triggering a heap overflow. It targets macOS 10.14 and iOS 12.0 due to version-specific message structures.

Description

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1.

Exploits (1)

nomisec WORKING POC

by T1V0h · poc

https://github.com/T1V0h/CVE-2018-4415

View Code ZIP pw:eip

This PoC exploits an integer overflow vulnerability in CoreAnimation (CVE-2018-4415) by sending a crafted Mach message to the CARenderServer service, triggering a heap overflow. It targets macOS 10.14 and iOS 12.0 due to version-specific message structures.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: macOS 10.14, iOS 12.0 (CoreAnimation in QuartzCore)

No auth needed

Prerequisites: Access to the target system's Mach service com.apple.CARenderServer

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://support.apple.com/kb/HT209193

Scores

CVSS v3 7.8

EPSS 0.0029

EPSS Percentile 52.5%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (1)

apple/mac_os_x < 10.14.1

Published Apr 03, 2019

Tracked Since Feb 18, 2026