CVE-2018-4404

Vulnerability

CVE-2018-4404 is a memory corruption issue in Apple iOS (before 11.4) and macOS High Sierra (before 10.13.5). The vulnerability resides in the WebKit component, specifically a proxy object type confusion in Safari, as indicated by a published Metasploit exploit [2]. The bug can be triggered when processing maliciously crafted web content, leading to memory corruption.

Exploitation

An attacker can exploit this vulnerability by hosting a malicious website and luring a user to visit it via Safari. No additional authentication or user interaction beyond visiting the page is required. The exploit leverages a type confusion in Safari's proxy object handling, allowing the attacker to corrupt memory in a controlled manner [2]. The Metasploit module provides a reliable exploitation path.

Impact

Successful exploitation allows an attacker to execute arbitrary code with the privileges of the user running Safari. This can lead to full system compromise, including data theft, installation of malware, or further escalation of privileges. The impact is consistent with a memory corruption vulnerability that enables remote code execution.

Mitigation

Apple addressed this vulnerability in iOS 11.4 and macOS High Sierra 10.13.5, released on June 1, 2018 [1]. Users should update their devices to the latest available versions. No workarounds are documented, and the vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog.