Rapid7 Vulnerability & Exploit Database

OS X update for Graphics (CVE-2018-12152)

Back to Search

OS X update for Graphics (CVE-2018-12152)

Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
10/10/2018
Created
11/07/2019
Added
11/06/2019
Modified
08/23/2021

Description

Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unauthenticated remote user to potentially execute arbitrary WebGL code via local access.

Solution(s)

  • apple-osx-security-update-2019-001-mojave
  • apple-osx-security-update-2019-006-high-sierra
  • apple-osx-upgrade-10_15

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;