CVE-2019-8509
published 2020-10-27CVE-2019-8509: This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update…
PriorityP335high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
0.66%
47.1th percentile
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A malicious application may be able to elevate privileges.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | >= 10.13.6 < 10.15.1 | 10.15.1 |
| apple | macos | >= unspecified < 10.15 | 10.15 |
| apple | macos_catalina | — | — |
| apple | macos_catalina_10.15.1_security_update_2019-001_and_security_update_2019-006 | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Apple
CVE-2019-8509: macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006
vendor_apple·2019-10-29·CVSS 7.8
CVE-2019-8509 [HIGH] CVE-2019-8509: macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006
Apple Security Update: About the security content of macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006
Product: macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006
CVE: CVE-2019-8509
Component: File Quarantine
Impact: A malicious application may be able to elevate privileges
Description: This issue was addressed by removing the vulnerable code.
Apple
CVE-2019-8509: macOS Catalina 10.15
vendor_apple·2019-10-07·CVSS 7.8
CVE-2019-8509 [HIGH] CVE-2019-8509: macOS Catalina 10.15
Apple Security Update: About the security content of macOS Catalina 10.15
Product: macOS Catalina
Version: 10.15
CVE: CVE-2019-8509
Component: File Quarantine
Impact: A malicious application may be able to elevate privileges
Description: This issue was addressed by removing the vulnerable code.
GHSA
GHSA-676w-c8rg-vhg2: This issue was addressed by removing the vulnerable code
ghsa_unreviewed·2022-05-24
CVE-2019-8509 [HIGH] GHSA-676w-c8rg-vhg2: This issue was addressed by removing the vulnerable code
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A malicious application may be able to elevate privileges.
No detection rules found.
No public exploits indexed.
Sentinelone
Privilege Escalation | macOS Malware & The Path to Root Part 1 - SentinelLabs
blogs_sentinelone·2019-11-06
Privilege Escalation | macOS Malware & The Path to Root Part 1 - SentinelLabs
In this two-part series, we take a look at privilege escalation on macOS. In Part 1, we look at some of the vulnerabilities that have been discovered by security researchers in recent versions of Apple’s Desktop OS, focusing on those that have been turned into reliable exploits. We draw conclusions for enterprise and end users alike based on this review. In Part 2, we switch from researchers to attackers and explore both how and why the methodology of macOS threat actors takes quite a different path from that of the research community.
## What is Privilege Escalation?
Let’s start by defining our terms. Whenever code executes, it does so within the context of a user who invokes it. Technically, users need not always actually be people, but for our purposes here we’ll stick to the simple c
Sentinelone
Privilege Escalation | macOS Malware & The Path to Root Part 1
blogs_sentinelone·2019-11-06
Privilege Escalation | macOS Malware & The Path to Root Part 1
## Privilege Escalation | macOS Malware & The Path to Root Part 1
In this two-part series, we take a look at privilege escalation on macOS. In Part 1, we look at some of the vulnerabilities that have been discovered by security researchers in recent versions of Apple’s Desktop OS, focusing on those that have been turned into reliable exploits. We draw conclusions for enterprise and end users alike based on this review. In Part 2 , we switch from researchers to attackers and explore both how and why the methodology of macOS threat actors takes quite a different path from that of the research community.
## What is Privilege Escalation?
Let’s start by defining our terms. Whenever code executes, it does so within the context of a user who invokes it. Technically, users need not always actua
2020-10-27
Published