OS-OTHER Apple macOS and iOS fgetattrlist kernel heap overflow attempt
This event is generated when an attacker attempts to exploit a heap overflow vulnerability present in macOS and iOS.
Attempted Administrator Privilege Gain
CVSS base score 7.8
CVSS impact score 5.9
CVSS exploitability score 1.8
Confidentiality Impact HIGH
Integrity Impact HIGH
Availability Impact HIGH
Rule checks for attempts to exploit a heap overflow vulnerability present in macOS and iOS.
CVE-2018-4243: An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlist allows attackers to execute arbitrary code in a privileged context via a crafted app.