CVE-2018-4347

Vulnerability

A use-after-free vulnerability exists in the kernel extension handling of multiple Apple platforms, including iOS prior to 12, macOS Mojave prior to 10.14, tvOS prior to 12, watchOS prior to 5, iTunes prior to 12.9 for Windows, and iCloud for Windows prior to 7.7 [1][2][3][4]. The issue was addressed with improved memory management.

Exploitation

An attacker must have the ability to run a locally installed application on the affected device. No other special network position or user interaction beyond launching the malicious app is required [1][2][3][4]. The exact exploitation steps are not disclosed in the available references.

Impact

Depending on the platform, successful exploitation can allow a local app to read a persistent account identifier (iOS, tvOS) or potentially execute arbitrary code with system privileges (watchOS) [1][3][4]. The macOS advisory links to Bluetooth-related components, though the exact impact for macOS is not fully detailed [2].

Mitigation

Apple released fixes in iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, and iCloud for Windows 7.7 on September 17, 2018 (September 24, 2018 for macOS) [1][2][3][4]. Users should update to the latest available versions. No workarounds were provided in the advisories.