Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2019-8662Use After Free in Apple Macos

CWE-416Use After FreeCWE-502Deserialization of Untrusted Data11 documents6 sources
Severity
9.8CRITICALNVD
EPSS
12.1%
top 6.17%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
6
Apple IOSApple MacosApple Tvos+3 more
Timeline
PublishedDec 18
Latest updateMay 24

Description

This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages8 packages

CVEListV5apple/tvosunspecifiedtvOS 12.4
NVDapple/tvos< 12.4
CVEListV5apple/macosunspecifiedmacOS Mojave 10.14.6
CVEListV5apple/watchosunspecifiedwatchOS 5.3
NVDapple/watchos< 5.3

🔴Vulnerability Details

4
GHSA
GHSA-v448-6mjx-mr34: This issue was addressed with improved checks2022-05-24
Project0
Remote iPhone Exploitation Part 2: Bringing Light into the Darkness -- a Remote ASLR Bypass - Project Zero2020-01-01
CVEList
CVE-2019-8662: This issue was addressed with improved checks2019-12-18
Project0
The Fully Remote Attack Surface of the iPhone - Project Zero2019-08-01

💥Exploits & PoCs

2
Exploit-DB
iMessage - Decoding NSSharedKeyDictionary can read ObjC Object at Attacker Controlled Address2019-11-11
Exploit-DB
macOS / iOS NSKeyedUnarchiver - Use-After-Free of ObjC Objects when Unarchiving OITSUIntDictionary Instances2019-07-30

📋Vendor Advisories

4
Apple
CVE-2019-8662: watchOS 5.32019-07-22
Apple
CVE-2019-8662: macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra2019-07-22
Apple
CVE-2019-8662: tvOS 12.42019-07-22
Apple
CVE-2019-8662: iOS 12.42019-07-22
CVE-2019-8662 — Use After Free in Apple Macos | cvebase