CVE-2017-13905
moderate-risk
Published 2021-12-23
A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan, watchOS 4.2. An application may be able to gain elevated privileges.
Do I need to act?
-
0.61% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.1/10
High
NETWORK
/ HIGH complexity
Affected Products (15)
Affected Vendors
References (8)
Vendor Advisory
https://support.apple.com/en-us/HT208325
Vendor Advisory
https://support.apple.com/en-us/HT208327
Vendor Advisory
https://support.apple.com/en-us/HT208331
Vendor Advisory
https://support.apple.com/en-us/HT208334
Vendor Advisory
https://support.apple.com/en-us/HT208325
Vendor Advisory
https://support.apple.com/en-us/HT208327
Vendor Advisory
https://support.apple.com/en-us/HT208331
Vendor Advisory
https://support.apple.com/en-us/HT208334
44
/ 100
moderate-risk
Severity
24/34 · High
Exploitability
2/34 · Minimal
Exposure
18/34 · Moderate