CVE-2018-6336
 
- Public Exploits: 1
- Exploited in Wild: -
Descriptions
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute. This issue affects osquery prior to v3.2.7.
SSVC
- Decision: -
Timeline
- 2018-01-26 CVE Reserved
- 2018-12-31 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-254: 7PK - Security Features
- CWE-354: Improper Validation of Integrity Check Value
References (1)
URL | Date | SRC |
---|---|---|
https://www.okta.com/security-blog/2018/06/issues-around-third-party-apple-code-signing-checks | 2024-08-05 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Linuxfoundation | Osquery | < 3.2.7 | - | Affected |