- Description
- A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4. An attacker in a privileged network position may be able to cause a denial-of-service.
- Source
- product-security@apple.com
- NVD status
- Analyzed
- Products
- ipados, iphone_os
CVSS 3.1
- Type
- Secondary
- Base score
- 4.9
- Impact score
- 3.6
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-400
- Hype score
- Not currently trending
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "118313FD-8CF6-4412-B1A8-4BC3D5C2F519",
"versionEndExcluding": "18.7.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F201257D-2F7C-43AA-BD51-ED5EC98F99E0",
"versionEndExcluding": "26.4",
"versionStartIncluding": "26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "684E10EB-D01A-4E80-8764-B48B554B0B5E",
"versionEndExcluding": "18.7.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F08C35-7A60-4FEC-8D44-533902F43EDD",
"versionEndExcluding": "26.4",
"versionStartIncluding": "26.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]