PT-2019-19231 · Apple · Apple Macos

Scott Knight

Published

2019-12-18

Updated

2024-08-26

CVE-2019-8805

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions macOS versions prior to 10.15.1

Description A validation issue existed in the entitlement verification, allowing an application to potentially execute arbitrary code with system privileges. This issue was addressed with improved validation of the process entitlement.

Recommendations For versions prior to 10.15.1, update to macOS Catalina 10.15.1 to resolve the issue. As a temporary workaround, consider restricting access to the EndpointSecurity framework until the update is applied.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-8805

Affected Products

Apple Macos

PT-2019-19231 · Apple · Apple Macos

CVE-2019-8805

Related Identifiers

Affected Products

References · 9