What is CVE-2018-4407?

CVE-2018-4407 is a vulnerability in Ios, Macos, Tvos, Watchos. Published 2019-04-03.

Is CVE-2018-4407 known to be exploited?

76 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Ios, Macos, Tvos, Watchos

CVE-2018-4407

A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

EPSS: 0.908 (99.6th percentile) — read the EPSS interpretation.

Affected products

N/a Ios, Macos, Tvos, Watchos — versions Versions prior to: iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5

Public proof-of-concept exploits

Pa55w0rd/check_icmp_dos
unixpickle/cve-2018-4407
r3dxpl0it/CVE-2018-4407
farisv/AppleDOS
zteeed/CVE-2018-4407-IOS
WyAtu/CVE-2018-4407
SamDecrock/node-cve-2018-4407
pwnhacker0x18/iOS-Kernel-Crash
anonymouz4/Apple-Remote-Crash-Tool-CVE-2018-4407
zeng9t/CVE-2018-4407-iOS-exploit

References

support.apple.com/kb/HT209107
support.apple.com/kb/HT209193
support.apple.com/kb/HT209106
support.apple.com/kb/HT209139
support.apple.com/kb/HT209108
packetstormsecurity.com/files/172832/iOS-11.4.1-macOS-10.13.6-icmp_error-Heap-B…

Frequently asked questions

What is CVE-2018-4407?: CVE-2018-4407 is a vulnerability in Ios, Macos, Tvos, Watchos. Published 2019-04-03.
Is CVE-2018-4407 known to be exploited?: 76 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.