CVE-2018-4196: Infoleak
Accessibility Framework. An information disclosure issue existed in Accessibility Framework. This issue was addressed with improved memory management.
Other sources
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Accessibility Framework" component. It allows attackers to execute arbitrary code in a privileged context or obtain sensitive information via a crafted app.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2018-4196
- CVE-2018-4253
- CVE-2018-4256
- CVE-2018-4255
- CVE-2018-4254
- CVE-2018-4258
- CVE-2018-4257
- CVE-2018-7584
- CVE-2018-4219
- CVE-2018-5383
- CVE-2018-4171
- CVE-2018-4194
- CVE-2018-4180
- CVE-2018-4181
- CVE-2018-4182
- CVE-2018-4183
- CVE-2018-4478
- CVE-2018-4251
- CVE-2018-4211
- CVE-2018-4229
- CVE-2018-4159
- CVE-2018-4242
- CVE-2018-4202
- CVE-2018-4217
- CVE-2018-4141
- CVE-2018-4228
- CVE-2018-4236
- CVE-2018-4234
- CVE-2018-4249
- CVE-2018-8897
- CVE-2018-4241
- CVE-2018-4243
- CVE-2018-4237
- CVE-2018-4404
- CVE-2018-4227
- CVE-2018-4235
- CVE-2018-4240
- CVE-2018-4230
- CVE-2018-4221
- CVE-2018-4223
- CVE-2018-4224
- CVE-2018-4225
- CVE-2018-4226
- CVE-2018-4184
- CVE-2018-4198
- CVE-2018-4193
Frequently Asked Questions
What is CVE-2018-4196?
CVE-2018-4196 is an information disclosure vulnerability in the Accessibility Framework component of certain Apple products.
Which Apple products are affected by CVE-2018-4196?
macOS versions prior to 10.13.5 are affected by CVE-2018-4196.
How can an attacker exploit CVE-2018-4196?
An attacker can exploit CVE-2018-4196 by executing arbitrary code in a privileged context or obtaining sensitive information using a crafted app.
What is the severity of CVE-2018-4196?
CVE-2018-4196 has a severity score of 7.8 out of 10, making it a critical vulnerability.
How can I fix CVE-2018-4196?
Update your macOS to version 10.13.5 or later to fix CVE-2018-4196.