PT-2019-19170 · Apple · Xcode

Pan Zhenpeng

Published

2019-12-18

Updated

2019-12-22

CVE-2019-8724

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Xcode versions prior to 11.0

Description The issue arises from multiple problems in ld64 within the Xcode toolchains, which could be exploited to achieve arbitrary code execution with user privileges due to insufficient input validation during code compilation.

Recommendations For versions prior to 11.0, update to Xcode 11.0 to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2019-8724

Affected Products

Xcode

PT-2019-19170 · Apple · Xcode

CVE-2019-8724

Weakness Enumeration

Related Identifiers

Affected Products

References · 3