PT-2019-18042 · Apple · Icloud For Windows

Stefan Kanthak

Published

2019-12-18

Updated

2019-12-21

CVE-2019-6236

CVSS v2.0

7.6

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions iCloud for Windows versions prior to 7.11

Description A race condition existed during the installation of iCloud for Windows, which could result in arbitrary code execution if the iCloud installer is run in an untrusted directory. This issue was addressed with improved state handling.

Recommendations For versions prior to 7.11, update to version 7.11 to resolve the issue. As a temporary workaround, consider avoiding the installation of iCloud for Windows in untrusted directories until the update is applied.

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2019-6236

Affected Products

Icloud For Windows

PT-2019-18042 · Apple · Icloud For Windows

CVE-2019-6236

Weakness Enumeration

Related Identifiers

Affected Products

References · 3