PatchSiren cyber security CVE debrief
CVE-2017-2358 Apple CVE debrief
CVE-2017-2358 is an Apple macOS Graphics Drivers issue affecting macOS versions before 10.12.3. According to the CVE description, a crafted app could trigger memory corruption leading to arbitrary code execution in a privileged context or a denial of service.
- Vendor: Apple
- Product: CVE-2017-2358
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2017-02-20
- Original CVE updated: 2026-05-13
- Advisory published: 2017-02-20
- Advisory updated: 2026-05-13
Who should care
macOS administrators, endpoint security teams, Mac fleet owners, and anyone still operating or supporting macOS 10.12.2 and earlier systems.
Technical summary
The supplied CVE record and NVD data describe a Graphics Drivers memory-corruption weakness (CWE-119) in macOS up to and including 10.12.2. The NVD CVSS 3.0 vector is AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating a local attack that requires user interaction and can have high impact on confidentiality, integrity, and availability. Apple’s advisory (HT207483) is listed in the reference set for remediation context.
Defensive priority
High. Prioritize remediation on any remaining macOS systems at or below 10.12.2, especially endpoints that can run untrusted apps or receive user-supplied content.
Recommended defensive actions
- Upgrade affected macOS systems to 10.12.3 or later, following Apple’s vendor advisory guidance.
- Inventory endpoints to identify any systems still on macOS 10.12.2 or earlier and treat them as vulnerable until confirmed patched.
- Restrict installation and execution of untrusted applications where practical, since the attack path requires a crafted app and user interaction.
- Use vulnerability management or EDR validation to confirm the remediation state of Apple Graphics Drivers on fleet devices.
- Plan retirement or isolation for legacy macOS systems that cannot be updated to a fixed release.
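The inventory step above, as an added example that is not part of the original debrief or any vendor tooling: it sorts hosts into vulnerable, patched, and unverified against the 10.12.3 fix line, comparing version components numerically. The CSV layout and host names are constructed, and the version strings are assumed to come from `sw_vers -productVersion`.

```python
import csv
import io
import re

FIXED = (10, 12, 3)  # first fixed macOS release named on this page

# Constructed sample inventory; host names and layout are assumptions.
SAMPLE = """host,product_version
mac-lab-01,10.12.2
mac-lab-02,10.12.3
mac-lab-03,10.9.5
mac-lab-04,10.12
mac-lab-05,11.6
mac-lab-06,unknown
"""

def parse_version(text):
    """Parse 'X', 'X.Y' or 'X.Y.Z' into a 3-int tuple; None if malformed."""
    m = re.fullmatch(r"(\d+)(?:\.(\d+))?(?:\.(\d+))?", (text or "").strip())
    if not m:
        return None
    return tuple(int(p) if p else 0 for p in m.groups())

def classify(text):
    """Compare numerically: as strings, '10.9.5' would sort after '10.12.3'."""
    version = parse_version(text)
    if version is None:
        return "unverified"  # no usable version: treat as vulnerable until confirmed
    return "vulnerable" if version < FIXED else "patched"

def triage(csv_text):
    """Group host names by remediation status."""
    groups = {"vulnerable": [], "patched": [], "unverified": []}
    for row in csv.DictReader(io.StringIO(csv_text)):
        groups[classify(row.get("product_version"))].append(row["host"])
    return groups

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

Hosts in the unverified group have no parseable version and belong in the same remediation queue as the vulnerable ones until their release is confirmed.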
Evidence notes
This debrief is grounded in the supplied CVE description, NVD metadata, and Apple vendor advisory reference. The record states macOS before 10.12.3 is affected; NVD’s CPE criteria mark macOS versions through 10.12.2 as vulnerable. The CVSS vector and CWE-119 classification are taken from the NVD entry. CVE publication time is 2017-02-20, and the source record was later modified on 2026-05-13; those dates are used only for timeline context.
Official resources
- CVE-2017-2358 CVE record (CVE.org)
- CVE-2017-2358 NVD detail (NVD)
- Source item URL (nvd_modified)
- Mitigation or vendor reference: [email protected] - Third Party Advisory, VDB Entry
- Source reference
- Mitigation or vendor reference: [email protected] - Vendor Advisory
CVE published on 2017-02-20. The source record was modified on 2026-05-13. No Known Exploited Vulnerabilities (KEV) listing is provided in the supplied corpus.