CVE-2019-8757 — Race Condition in Apple Macos

CWE-362 — Race Condition3 documents3 sources

Severity

2.5LOWNVD

EPSS

0.1%

top 73.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Macos Apple MAC OS X Apple Macos Catalina

Timeline

PublishedDec 18

Latest updateMay 24

Description

A race condition existed when reading and writing user preferences. This was addressed with improved state handling. This issue is fixed in macOS Catalina 10.15. The "Share Mac Analytics" setting may not be disabled when a user deselects the switch to share analytics.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 1.0 | Impact: 1.4

Affected Packages3 packages

▶Appleapple/macos_catalina10.15

▶CVEListV5apple/macosunspecified — macOS Catalina 10.15

▶NVDapple/mac_os_x< 10.15

🔴Vulnerability Details

GHSA

GHSA-537v-9w6h-w7r3: A race condition existed when reading and writing user preferences↗2022-05-24

▶

📋Vendor Advisories

Apple

CVE-2019-8757: macOS Catalina 10.15↗2019-10-07

▶