CVE-2018-4321: Input Validation

Q: What is CVE-2018-4321?

CVE-2018-4321 is a vulnerability that existed in the entitlement verification in Apple devices running iOS 12, macOS Mojave 10.14, and tvOS 12 or prior versions.

Q: What is the severity of CVE-2018-4321?

CVE-2018-4321 has a severity rating of 5.3, which is considered medium.

Q: How does CVE-2018-4321 affect Apple devices?

CVE-2018-4321 affects Apple devices running iOS 12, macOS Mojave 10.14, and tvOS 12 or prior versions.

Q: How can I fix CVE-2018-4321?

To fix CVE-2018-4321, update your Apple device to iOS 12, macOS Mojave 10.14, or tvOS 12 or later versions.

Q: Where can I find more information about CVE-2018-4321?

You can find more information about CVE-2018-4321 on the Apple support website at the following links: [support.apple.com/kb/HT209106](support.apple.com/kb/HT209106), [support.apple.com/kb/HT209107](support.apple.com/kb/HT209107), [support.apple.com/kb/HT209139](support.apple.com/kb/HT209139).

Published Sep 17, 2018

Updated

Auto Unlock. A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement.

Other sources

A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12.

Credit

Min (Spark) Zheng(Alibaba Inc), Xiaolong Bai(Alibaba Inc), Min (Spark) Zheng

Affected Software

6 affected componentsFixes available

Apple tvOS<12

Apple macOS Mojave<10.14

10.14

Apple iOS<12

Apple iPhone OS<12.0

Apple iOS and macOS<10.14

Apple tvOS<12

Event History

Apr 3, 2019

CVE Published

via MITRE·05:43 PM

Data Sourced

via MITRE·05:43 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

CVE-2018-4321
CVE-2018-5383
CVE-2018-4126
CVE-2018-4412
CVE-2018-4414
CVE-2018-4347
CVE-2018-4433
CVE-2018-4426
CVE-2018-4331
CVE-2018-4332
CVE-2018-4343
CVE-2018-4408
CVE-2018-4341
CVE-2018-4354
CVE-2018-4383
CVE-2018-4401
CVE-2018-4305
CVE-2018-4399
CVE-2018-4407
CVE-2018-4363
CVE-2018-4336
CVE-2018-4337
CVE-2018-4340
CVE-2018-4344
CVE-2018-4425
CVE-2018-4313
CVE-2016-1777
CVE-2018-4395
CVE-2018-4203
CVE-2018-4304
CVE-2018-4316
CVE-2018-4345
CVE-2018-4191
CVE-2018-4299
CVE-2018-4359
CVE-2018-4323
CVE-2018-4358
CVE-2018-4328
CVE-2018-4197
CVE-2018-4318
CVE-2018-4306
CVE-2018-4312
CVE-2018-4314
CVE-2018-4315
CVE-2018-4317
CVE-2018-4309
CVE-2018-4361
CVE-2018-4474
CVE-2018-4360
CVE-2018-4295
CVE-2018-4324
CVE-2018-4417
CVE-2018-4353
CVE-2017-12613
CVE-2017-12618
CVE-2018-4411
CVE-2018-4308
CVE-2018-4333
CVE-2018-4153
CVE-2018-4406
CVE-2018-4346
CVE-2018-4296
CVE-2019-8643
CVE-2017-5731
CVE-2017-5732
CVE-2017-5733
CVE-2017-5734
CVE-2017-5735
CVE-2018-3646
CVE-2018-4355
CVE-2018-4396
CVE-2018-4418
CVE-2018-4351
CVE-2018-4350
CVE-2018-4334
CVE-2018-4451
CVE-2018-4456
CVE-2015-3194
CVE-2015-5333
CVE-2015-5334
CVE-2016-0702
CVE-2018-4348
CVE-2018-4326
CVE-2018-4310
CVE-2018-3639
CVE-2018-4393
CVE-2018-4338
CVE-2018-4322
CVE-2018-4356
CVE-2018-4335
CVE-2018-4352
CVE-2018-4329
CVE-2018-4307
CVE-2018-4362
CVE-2018-4325
CVE-2018-4311
CVE-2018-4319

Frequently Asked Questions

What is CVE-2018-4321?

CVE-2018-4321 is a vulnerability that existed in the entitlement verification in Apple devices running iOS 12, macOS Mojave 10.14, and tvOS 12 or prior versions.

What is the severity of CVE-2018-4321?