PT-2020-11303 · Apple · Sierra+2

Abdullah H. Aljaber

Published

2020-10-27

Updated

2020-10-30

CVE-2019-8777

CVSS v3.1

2.4

Low

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions macOS versions prior to 10.14.4 Security Update versions prior to 2019-002 High Sierra Security Update versions prior to 2019-002 Sierra

Description A lock screen issue allowed unauthorized access to contacts on a locked device. The problem was caused by inadequate state management. A local attacker could potentially view contacts from the lock screen.

Recommendations For macOS versions prior to 10.14.4, update to macOS Mojave 10.14.4 or later. For Security Update versions prior to 2019-002 High Sierra, apply Security Update 2019-002 High Sierra or later. For Security Update versions prior to 2019-002 Sierra, apply Security Update 2019-002 Sierra or later.

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2019-8777

Affected Products

High Sierra

Sierra

Apple Macos

PT-2020-11303 · Apple · Sierra+2

CVE-2019-8777

Weakness Enumeration

Related Identifiers

Affected Products

References · 3