CVE-2019-8605

high

Description

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to execute arbitrary code with system privileges.

References

https://support.apple.com/HT210118

https://support.apple.com/HT210119

https://support.apple.com/HT210120

https://support.apple.com/HT210122

Details

Source: MITRE

Published: 2019-12-18

Updated: 2019-12-20

Type: CWE-416

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 131702 | Apple TV < 12.4.1 A Use-After-Free Vulnerability | Nessus | Misc. | high |
| 701155 | Apple iOS < 12.4.1 Use-After-Free (SockPuppet) | Nessus Network Monitor | Mobile Devices | high |
| 128150 | Apple iOS < 12.4.1 Privilege Escalation Vulnerability | Nessus | Mobile Devices | high |
| 700719 | Apple TV 12.0.0 and < 12.3 Multiple Vulnerabilities | Nessus Network Monitor | Internet Services | critical |
| 700713 | Apple iOS < 12.3 Multiple Vulnerabilities | Nessus Network Monitor | Mobile Devices | high |
| 700667 | macOS 10.x < 10.14.5 Multiple Vulnerabilities (APPLE-SA-2019-05-09) | Nessus Network Monitor | Operating System Detection | high |
| 125151 | macOS and Mac OS X Multiple Vulnerabilities (Security Update 2019-003) | Nessus | MacOS X Local Security Checks | high |
| 125150 | macOS 10.14.x < 10.14.5 Multiple Vulnerabilities | Nessus | MacOS X Local Security Checks | high |
| 125148 | Apple TV < 12.3 Multiple Vulnerabilities | Nessus | Misc. | high |
| 125090 | Apple iOS < 12.3 Multiple Vulnerabilities | Nessus | Mobile Devices | high |