vulnerability

OS X update for SMB (CVE-2017-13908)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:P/I:P/A:P)	Oct 19, 2018	Oct 19, 2018	Jan 6, 2022

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

Oct 19, 2018

Added

Oct 19, 2018

Modified

Jan 6, 2022

Description

An issue in handling file permissions was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, macOS High Sierra 10.13. A local attacker may be able to execute non-executable text files via an SMB share.

Solutions

apple-osx-security-update-2017-001-sierraapple-osx-security-update-2017-004-el-capitanapple-osx-upgrade-10_13

References

CVE-2017-13908
https://attackerkb.com/topics/CVE-2017-13908
URL-https://support.apple.com/kb/HT208144
URL-https://support.apple.com/kb/HT208221

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today