CVE-2018-4235: Input Validation
Messages. An injection issue was addressed with improved input validation.
Other sources
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Messages" component. It allows local users to perform impersonation attacks via an unspecified injection.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2018-4196
- CVE-2018-4253
- CVE-2018-4256
- CVE-2018-4255
- CVE-2018-4254
- CVE-2018-4258
- CVE-2018-4257
- CVE-2018-7584
- CVE-2018-4219
- CVE-2018-5383
- CVE-2018-4171
- CVE-2018-4194
- CVE-2018-4180
- CVE-2018-4181
- CVE-2018-4182
- CVE-2018-4183
- CVE-2018-4478
- CVE-2018-4251
- CVE-2018-4211
- CVE-2018-4229
- CVE-2018-4159
- CVE-2018-4242
- CVE-2018-4202
- CVE-2018-4217
- CVE-2018-4141
- CVE-2018-4228
- CVE-2018-4236
- CVE-2018-4234
- CVE-2018-4249
- CVE-2018-8897
- CVE-2018-4241
- CVE-2018-4243
- CVE-2018-4237
- CVE-2018-4404
- CVE-2018-4227
- CVE-2018-4235
- CVE-2018-4240
- CVE-2018-4230
- CVE-2018-4221
- CVE-2018-4223
- CVE-2018-4224
- CVE-2018-4225
- CVE-2018-4226
- CVE-2018-4184
- CVE-2018-4198
- CVE-2018-4193
Frequently Asked Questions
What is CVE-2018-4235?
CVE-2018-4235 is a vulnerability that allows local users to perform impersonation attacks via an unspecified injection in the Messages component of certain Apple products.
Which Apple products are affected by CVE-2018-4235?
iOS before 11.4, macOS before 10.13.5, tvOS before 11.4, and watchOS before 4.3.1 are affected by CVE-2018-4235.
What is the severity of CVE-2018-4235?
CVE-2018-4235 has a severity score of 5.5 out of 10.
How can I fix CVE-2018-4235?
To fix CVE-2018-4235, update your Apple device to the latest available software version.
Where can I find more information about CVE-2018-4235?
You can find more information about CVE-2018-4235 on the SecurityTracker website and Apple support pages.