cbcvebase.
CVE-2019-8717
published 2019-12-18

CVE-2019-8717: A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, tvOS 13. An application may be able to…

PriorityP346high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EXPLOIT
EPSS
1.29%
66.6th percentile
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, tvOS 13. An application may be able to execute arbitrary code with kernel privileges.

Affected

9 ranges
VendorProductVersion rangeFixed in
appleios
applemac_os_x< 10.1510.15
applemacos>= unspecified < macOS Catalina 10.15macOS Catalina 10.15
applemacos_catalina
applemacos_catalina_10.15.1_security_update_2019-001_and_security_update_2019-006
appletvos< 1313
appletvos
appletvos>= unspecified < tvOS 13tvOS 13
applewatchos_6

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.