PT-2020-11259 · Apple · Macos Sierra+4

Anoane

Published

2020-10-27

Updated

2020-10-29

CVE-2019-8528

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions watchOS versions prior to 5.2 macOS Mojave versions prior to 10.14.4 macOS High Sierra versions prior to Security Update 2019-002 macOS Sierra versions prior to Security Update 2019-002 iOS versions prior to 12.2

Description A use after free issue was addressed with improved memory management. This issue allows an application to potentially execute arbitrary code with kernel privileges.

Recommendations For watchOS versions prior to 5.2, update to watchOS 5.2. For macOS Mojave versions prior to 10.14.4, update to macOS Mojave 10.14.4. For macOS High Sierra versions prior to Security Update 2019-002, apply Security Update 2019-002. For macOS Sierra versions prior to Security Update 2019-002, apply Security Update 2019-002. For iOS versions prior to 12.2, update to iOS 12.2.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2019-8528

Affected Products

Ios

Macos High Sierra

Macos Mojave

Macos Sierra

Watchos

PT-2020-11259 · Apple · Macos Sierra+4

CVE-2019-8528

Weakness Enumeration

Related Identifiers

Affected Products

References · 5