CVE-2019-8760: This issue was addressed by improving Face ID machine learning models. This issue is fixed in iOS 13. A 3D model constructed to look like the enrolled user may…

CVE-2019-8760 [MEDIUM] CVE-2019-8760: iOS 13 Apple Security Update: About the security content of iOS 13 Product: iOS Version: 13 CVE: CVE-2019-8760 Component: Face ID Impact: A 3D model constructed to look like the enrolled user may authenticate via Face ID Description: This issue was addressed by improving Face ID machine learning models.

CVE-2019-8760 [MEDIUM] CWE-287 GHSA-cpx5-433m-c69m: This issue was addressed by improving Face ID machine learning models This issue was addressed by improving Face ID machine learning models. This issue is fixed in iOS 13. A 3D model constructed to look like the enrolled user may authenticate via Face ID.

On managing vulnerabilities in AI/ML systems On managing vulnerabilities in AI/ML systems Jonathan M. Spring jspring AT sei dot cmu dot edu 0000-0001-9356-219X CERT Coordination Center\ Engineering Institute\ Mellon University Pittsburgh PA 15213 April Galyardt Software Engineering Institute\ Mellon University Pittsburgh PA 15213 Allen D. Householder 0000-0001-8970-4108 CERT Coordination Center\ Engineering Institute\ Mellon University Pittsburgh PA 15213 Nathan VanHoudnos Software Engineering Institute\ Mellon University Pittsburgh PA 15213 Spring, Galyardt, Householder, and VanHoudnos ## Abstract This paper explores how the current paradigm of vulnerability management might adapt to include machine learning systems through a thought experiment: what if flaws in *ML were assigned *CVE-ID? We consider both *ML algorithms a