CVE-2019-8664Improper Input Validation in Apple Watchos

CWE-20Improper Input Validation5 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
0.3%
top 46.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Apple IOSApple WatchosApple Iphone OS
Timeline
PublishedOct 27
Latest updateMay 24

Description

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

CVEListV5apple/watchosunspecified5.2
NVDapple/watchos< 5.2.1
CVEListV5apple/iosunspecified12.3
NVDapple/iphone_os< 12.3

🔴Vulnerability Details

2
GHSA
GHSA-2c4x-w9f2-5qjq: An input validation issue was addressed with improved input validation2022-05-24
CVEList
CVE-2019-8664: An input validation issue was addressed with improved input validation2020-10-27

📋Vendor Advisories

2
Apple
CVE-2019-8664: watchOS 5.2.12019-05-13
Apple
CVE-2019-8664: iOS 12.32019-05-13
CVE-2019-8664 — Improper Input Validation in Apple | cvebase