PT-2020-11278 · Apple · Apple Macos

Ash Fox

Published

2020-10-27

Updated

2020-11-02

CVE-2019-8640

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions macOS versions prior to 10.14.5 Security Update versions prior to 2019-003 High Sierra Security Update versions prior to 2019-003 Sierra

Description A logic issue was addressed with improved validation, allowing a sandboxed process to potentially circumvent sandbox restrictions.

Recommendations For macOS versions prior to 10.14.5, update to macOS Mojave 10.14.5. For Security Update versions prior to 2019-003 High Sierra, apply Security Update 2019-003 High Sierra. For Security Update versions prior to 2019-003 Sierra, apply Security Update 2019-003 Sierra.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2019-8640

Affected Products

Apple Macos

PT-2020-11278 · Apple · Apple Macos

CVE-2019-8640

Weakness Enumeration

Related Identifiers

Affected Products

References · 4