PT-2019-19168 · Apple · Xcode

Pan Zhenpeng

Published

2019-12-18

Updated

2019-12-23

CVE-2019-8722

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Xcode versions prior to 11.0

Description The issue arises from multiple problems in ld64 within the Xcode toolchains, which could lead to arbitrary code execution with user privileges if code is compiled without proper input validation.

Recommendations For versions prior to 11.0, update to Xcode 11.0 to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2019-8722

Affected Products

Xcode

PT-2019-19168 · Apple · Xcode

CVE-2019-8722

Weakness Enumeration

Related Identifiers

Affected Products

References · 3