CVE-2019-8717
published 2019-12-18CVE-2019-8717: A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, tvOS 13. An application may be able to…
PriorityP346high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EXPLOIT
EPSS
1.29%
66.6th percentile
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, tvOS 13. An application may be able to execute arbitrary code with kernel privileges.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | mac_os_x | < 10.15 | 10.15 |
| apple | macos | >= unspecified < macOS Catalina 10.15 | macOS Catalina 10.15 |
| apple | macos_catalina | — | — |
| apple | macos_catalina_10.15.1_security_update_2019-001_and_security_update_2019-006 | — | — |
| apple | tvos | < 13 | 13 |
| apple | tvos | — | — |
| apple | tvos | >= unspecified < tvOS 13 | tvOS 13 |
| apple | watchos_6 | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-wcgf-jrrf-r989: A memory corruption issue was addressed with improved memory handling
ghsa_unreviewed·2022-05-24
CVE-2019-8717 [HIGH] CWE-119 GHSA-wcgf-jrrf-r989: A memory corruption issue was addressed with improved memory handling
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, tvOS 13. An application may be able to execute arbitrary code with kernel privileges.
Apple
CVE-2019-8717: macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006
vendor_apple·2019-10-29·CVSS 7.8
CVE-2019-8717 [HIGH] CVE-2019-8717: macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006
Apple Security Update: About the security content of macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006
Product: macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006
CVE: CVE-2019-8717
Component: Kernel
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
Apple
CVE-2019-8717: macOS Catalina 10.15
vendor_apple·2019-10-07·CVSS 7.8
CVE-2019-8717 [HIGH] CVE-2019-8717: macOS Catalina 10.15
Apple Security Update: About the security content of macOS Catalina 10.15
Product: macOS Catalina
Version: 10.15
CVE: CVE-2019-8717
Component: Kernel
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
Apple
CVE-2019-8717: tvOS 13
vendor_apple·2019-09-24·CVSS 7.8
CVE-2019-8717 [HIGH] CVE-2019-8717: tvOS 13
Apple Security Update: About the security content of tvOS 13
Product: tvOS
Version: 13
CVE: CVE-2019-8717
Component: Kernel
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
Apple
CVE-2019-8717: iOS 13
vendor_apple·2019-09-19·CVSS 7.8
CVE-2019-8717 [HIGH] CVE-2019-8717: iOS 13
Apple Security Update: About the security content of iOS 13
Product: iOS
Version: 13
CVE: CVE-2019-8717
Component: Kernel
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
Apple
CVE-2019-8717: watchOS 6
vendor_apple·2019-09-19·CVSS 7.8
CVE-2019-8717 [HIGH] CVE-2019-8717: watchOS 6
Apple Security Update: About the security content of watchOS 6
Product: watchOS 6
CVE: CVE-2019-8717
Component: Kernel
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
No detection rules found.
No writeups or analysis indexed.
2019-12-18
Published