CVE-2018-4435

HIGH

iPhone OS < 12.1.1, macOS < 10.14.2, tvOS < 12.1.1, watchOS < 5.1.2 - Logic Issue

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-4435. PoCs published by Google Security Research.

AI-analyzed exploit summary: This exploit demonstrates a privilege escalation vulnerability in macOS (CVE-2018-4435) where a user with read-only access to a POSIX shared memory segment can escalate to write access via mprotect(). The PoC includes two programs: one to create a shared memory segment as root and another to exploit the vulnerability as an unprivileged user.

Description

A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Google Security Research · text · local · multiple
https://www.exploit-db.com/exploits/45960


Classification: Working PoC 100%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: macOS (XNU kernel)
No auth needed
Prerequisites: Access to a macOS system with the vulnerability · Ability to execute binaries as root and an unprivileged user
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Vendor Advisory (x_refsource_misc): https://support.apple.com/kb/HT209343
Vendor Advisory (x_refsource_misc): https://support.apple.com/kb/HT209342
Vendor Advisory (x_refsource_misc): https://support.apple.com/kb/HT209340
Vendor Advisory (x_refsource_misc): https://support.apple.com/kb/HT209341

Scores

CVSS v3 7.8
EPSS 0.0309
EPSS Percentile 86.0%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE: CWE-20
Status: published
Products (4)
apple/iphone_os < 12.1.1
apple/mac_os_x < 10.14.2
apple/tvos < 12.1.1
apple/watchos < 5.1.2
Published Apr 03, 2019
Tracked Since Feb 18, 2026