CVE-2017-13786
Description
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the APFS component. It does not properly restrict the DMA mapping time of FileVault decryption buffers, which allows attackers to read cleartext APFS data via a crafted Thunderbolt adapter.
Risk Information
Base Score
4.6
MODERATE
Vector
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.072
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities are fixed in macOS High Sierra 10.13.1 | Mac |
| Multiple vulnerabilities are fixed in Security Update 2017-001 macOS High Sierra v10.13.1 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-601562 | macOS High Sierra 10.13.6 - Reboot Automatically |
| PATCH-601312 | Security Update 2017-001 macOS High Sierra v10.13.1 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234