Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2019-8622 — Out-of-bounds Write in Apple Icloud FOR Windows
Severity
8.8HIGHNVD
EPSS
24.4%
top 3.88%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedDec 18
Latest updateMay 24
Description
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9
Affected Packages14 packages
🔴Vulnerability Details
3GHSA▶
GHSA-xfjj-4fqf-vx76: Multiple memory corruption issues were addressed with improved memory handling↗2022-05-24
CVEList▶
CVE-2019-8622: Multiple memory corruption issues were addressed with improved memory handling↗2019-12-18
OSV▶
CVE-2019-8622: Multiple memory corruption issues were addressed with improved memory handling↗2019-12-18
💥Exploits & PoCs
1Exploit-DB▶
Apple macOS < 10.14.5 / iOS < 12.3 DFG JIT Compiler - 'HasIndexedProperty' Use-After-Free↗2019-05-21
📋Vendor Advisories
10Apple▶
CVE-2019-8622: macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra↗2019-05-13
💬Community
1Bugzilla▶
CVE-2019-8622 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution↗2020-09-08