vulnerability

OS X update for Contacts (CVE-2017-13892)

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Oct 3, 2018

Added

Oct 3, 2018

Modified

Mar 27, 2026

Description

An issue existed in the handling of Contact sharing. This issue was addressed with improved handling of user information. This issue is fixed in macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan. Sharing contact information may lead to unexpected data sharing.

Solution

apple-osx-upgrade-10_13_2

References

CVE-2017-13892
https://attackerkb.com/topics/CVE-2017-13892
EUVD-EUVD-2017-5407
https://euvd.enisa.europa.eu/vulnerability/EUVD-2017-5407
https://support.apple.com/kb/HT208331

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report