vulnerability

OS X update for Apple Account Settings (CVE-2017-13909)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
2	(AV:L/AC:L/Au:N/C:P/I:N/A:N)	Oct 19, 2018	Oct 19, 2018	Mar 27, 2026

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:N/A:N)

Published

Oct 19, 2018

Added

Oct 19, 2018

Modified

Mar 27, 2026

Description

An issue existed in the storage of sensitive tokens. This issue was addressed by placing the tokens in Keychain. This issue is fixed in macOS High Sierra 10.13. A local attacker may gain access to iCloud authentication tokens.

Solution

apple-osx-upgrade-10_13

References

CVE-2017-13909
https://attackerkb.com/topics/CVE-2017-13909
CWE-922
EUVD-EUVD-2017-5424
https://euvd.enisa.europa.eu/vulnerability/EUVD-2017-5424
https://support.apple.com/kb/HT208144

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today