macOS 10.13.x < 10.13.4 Multiple Vulnerabilities

critical Nessus Network Monitor Plugin ID 700515


The remote host is missing a macOS update that fixes multiple security vulnerabilities.


The remote host is running a version of macOS that is 10.13.x prior to 10.13.4. It is, therefore, affected by multiple vulnerabilities in the following components :

- Admin Framework
- CoreFoundation
- CoreText
- Disk Images
- Disk Management
- File System Events
- iCloud Drive
- Intel Graphics Driver
- IOFireWireFamily
- Kernel
- kext tools
- LaunchServices
- Mail
- Notes
- NSURLSession
- NVIDIA Graphics Drivers
- PDFKit
- PluginKit
- Quick Look
- Security
- Storage
- System Preferences
- Terminal
- WindowServer

Note that successful exploitation of the most serious issues can result in arbitrary code execution.


Upgrade to macOS version 10.13.4 or later.

See Also

Plugin Details

Severity: Critical

ID: 700515

Published: 4/10/2019

Updated: 4/10/2019

Nessus ID: 108786

Risk Information


Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C


Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Patch Publication Date: 3/29/2018

Vulnerability Publication Date: 3/29/2018

Reference Information

CVE: CVE-2017-13890, CVE-2017-8816, CVE-2018-4104, CVE-2018-4105, CVE-2018-4106, CVE-2018-4107, CVE-2018-4108, CVE-2018-4111, CVE-2018-4112, CVE-2018-4115, CVE-2018-4131, CVE-2018-4132, CVE-2018-4135, CVE-2018-4136, CVE-2018-4138, CVE-2018-4139, CVE-2018-4142, CVE-2018-4143, CVE-2018-4144, CVE-2018-4150, CVE-2018-4151, CVE-2018-4152, CVE-2018-4154, CVE-2018-4155, CVE-2018-4156, CVE-2018-4157, CVE-2018-4158, CVE-2018-4160, CVE-2018-4166, CVE-2018-4167, CVE-2018-4170, CVE-2018-4174, CVE-2018-4175, CVE-2018-4176

BID: 101998