CVE-2019-8525Out-of-bounds Write in Apple Macos

CWE-787Out-of-bounds Write8 documents4 sources
Severity
6.7MEDIUMNVD
EPSS
0.1%
top 82.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Apple IOSApple MacosApple Iphone OS+2 more
Timeline
PublishedOct 27
Latest updateMay 24

Description

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages5 packages

CVEListV5apple/macosunspecified10.14+1
NVDapple/mac_os_x10.14.310.14.4+1
NVDapple/watchos< 5.2
CVEListV5apple/iosunspecified12.2
NVDapple/iphone_os< 12.2

🔴Vulnerability Details

2
GHSA
GHSA-vp26-5q34-v755: A memory corruption issue was addressed with improved state management2022-05-24
CVEList
CVE-2019-8525: A memory corruption issue was addressed with improved state management2020-10-27

📋Vendor Advisories

5
Apple
CVE-2019-8525: macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra2019-05-13
Apple
CVE-2019-8525: watchOS 5.22019-03-27
Apple
CVE-2019-8525: macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra2019-03-25
Apple
CVE-2019-8525: tvOS 12.22019-03-25
Apple
CVE-2019-8525: iOS 12.22019-03-25
CVE-2019-8525 — Out-of-bounds Write in Apple Macos | cvebase