https://support.apple.com/kb/HT209106

https://support.apple.com/kb/HT209107

https://support.apple.com/kb/HT209108

https://support.apple.com/kb/HT209139

https://support.apple.com/kb/HT209193

The version of Apple iOS running on the mobile device is prior to 12.0. It is, therefore, affected by multiple vulnerabilities.

The remote host is running a version of macOS that is 10.14.x prior to 10.14.1. It is, therefore, affected by multiple vulnerabilities related to the following components :

 -AppleGraphicsControl
 -CoreAnimation
 -CoreCrypto
 -Dock
 -dyld
 -EFI
 -ICU
 -IOGraphics
 -IOKit
 -IPSec
 -Kernel
 -Mail
 -Microcode
 -NetworkExtension
 -Security
 -WiFi

Note that successful exploitation of the most serious issues can result in arbitrary code execution.

The remote host is running a version of macOS that is prior to 10.14. It is, therefore, affected by multiple vulnerabilities in the following components :

 - afpserver
 - AppleGraphicsControl
 - Application Firewall
 - App Store
 - APR
 - ATS
 - Auto Unlock
 - Bluetooth
 - CFNetwork
 - CoreFoundation
 - CoreText
 - Crash Reporter
 - CUPS
 - Dictionary
 - Grand Central Dispatch
 - Heimdal
 - Hypervisor
 - iBooks
 - Intel Graphics Driver
 - IOHIDFamily
 - IOKit
 - IOUserEthernet
 - Kernel
 - LibreSSL
 - Login Window
 - mDNSOffloadUserClient
 - MediaRemote
 - Microcode
 - Security
 - Spotlight
 - Symptom Framework
 - Text
 - Wi-Fi

Note that successful exploitation of the most serious issues can result in arbitrary code execution.

The remote host is running macOS 10.13.6 and is missing a security update. It is therefore, affected by multiple vulnerabilities affecting the following components :

  - fpserver
  - AppleGraphicsControl
  - APR
  - ATS
  - CFNetwork
  - CoreAnimation
  - CoreCrypto
  - CoreFoundation
  - CUPS
  - Dictionary
  - dyld
  - EFI
  - Foundation
  - Grand Central Dispatch
  - Heimdal
  - Hypervisor
  - ICU
  - Intel Graphics Driver
  - IOGraphics
  - IOHIDFamily
  - IOKit
  - IOUserEthernet
  - IPSec
  - Kernel
  - Login Window
  - mDNSOffloadUserClient
  - MediaRemote
  - Microcode
  - NetworkExtension
  - Security
  - Spotlight
  - Symptom Framework
  - WiFi

The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.1. It is, therefore, affected by multiple vulnerabilities related to the following components :

  -AppleGraphicsControl
  -CoreAnimation
  -CoreCrypto
  -Dock
  -dyld
  -EFI
  -ICU
  -IOGraphics
  -IOKit
  -IPSec
  -Kernel
  -Mail
  -Microcode
  -NetworkExtension
  -Security
  -WiFi

Note that successful exploitation of the most serious issues can result in arbitrary code execution.

The remote host is running Mac OS X 10.12.6 and is missing a security update. It is therefore, affected by multiple vulnerabilities affecting the following components :

  - afpserver
  - AppleGraphicsControl
  - APR
  - ATS
  - CFNetwork
  - CoreAnimation
  - CoreCrypto
  - CoreFoundation
  - CUPS
  - Dictionary
  - dyld
  - Foundation
  - Heimdal
  - Hypervisor
  - ICU
  - Intel Graphics Driver
  - IOGraphics
  - IOHIDFamily
  - IOKit
  - IOUserEthernet
  - IPSec
  - Kernel
  - Login Window
  - mDNSOffloadUserClient
  - MediaRemote
  - Microcode
  - Perl
  - Ruby
  - Security
  - Spotlight
  - Symptom Framework
  - WiFi

The remote host is running a version of Mac OS X that is prior to 10.13.6 or is not macOS 10.14. It is, therefore, affected by multiple vulnerabilities in the following components :

  - afpserver
  - AppleGraphicsControl
  - Application Firewall
  - App Store
  - APR
  - ATS
  - Auto Unlock
  - Bluetooth
  - CFNetwork
  - CoreFoundation
  - CoreText
  - Crash Reporter
  - CUPS
  - Dictionary
  - Grand Central Dispatch
  - Heimdal
  - Hypervisor
  - iBooks
  - Intel Graphics Driver
  - IOHIDFamily
  - IOKit
  - IOUserEthernet
  - Kernel
  - LibreSSL
  - Login Window
  - mDNSOffloadUserClient
  - MediaRemote
  - Microcode
  - Security
  - Spotlight
  - Symptom Framework
  - Text
  - Wi-Fi

Note that successful exploitation of the most serious issues can result in arbitrary code execution.

ID	Name	Product	Family	Severity
700552	Apple iOS < 12.0 Multiple Vulnerabilities (EFAIL, APPLE-SA-2018-9-24-4 and APPLE-SA-2018-10-30-8)	Nessus Network Monitor	Mobile Devices	medium
700519	macOS 10.14.x < 10.14.1 Multiple Vulnerabilities	Nessus Network Monitor	Operating System Detection	critical
700518	macOS < 10.14 Multiple Vulnerabilities	Nessus Network Monitor	Operating System Detection	critical
118575	macOS 10.13.6 Multiple Vulnerabilities (Security Update 2018-002)	Nessus	MacOS X Local Security Checks	critical
118574	macOS 10.14.x < 10.14.1 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	high
118573	macOS and Mac OS X Multiple Vulnerabilities (Security Update 2018-005)	Nessus	MacOS X Local Security Checks	critical
118178	macOS < 10.14 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	critical
117632	Apple iOS < 12.0 Multiple Vulnerabilities (EFAIL)	Nessus	Mobile Devices	critical

CVE-2018-4340

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins