CVE-2019-8799
published 2020-10-27CVE-2019-8799: This issue was resolved by replacing device names with a random identifier. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15, watchOS 6…
PriorityP46low2.4CVSS 3.1
AVPACLPRNUINSUCLINAN
EPSS
0.33%
25.1th percentile
This issue was resolved by replacing device names with a random identifier. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15, watchOS 6, tvOS 13. An attacker in physical proximity may be able to passively observe device names in AWDL communications.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_13.1_and_ipados | — | — |
| apple | ios_and_ipados | >= unspecified < 13.1 | 13.1 |
| apple | ipados | < 13.1 | 13.1 |
| apple | iphone_os | < 13.1 | 13.1 |
| apple | mac_os_x | < 10.15 | 10.15 |
| apple | macos | >= unspecified < 10.15 | 10.15 |
| apple | macos_catalina | — | — |
| apple | tvos | < 13.0 | 13.0 |
| apple | tvos | — | — |
| apple | tvos | >= unspecified < 13 | 13 |
| apple | watchos | < 6.0 | 6.0 |
| apple | watchos | >= unspecified < 6 | 6 |
| apple | watchos_6 | — | — |
CVSS provenance
nvdv3.12.4LOWCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Apple
CVE-2019-8799: macOS Catalina 10.15
vendor_apple·2019-10-07·CVSS 2.4
CVE-2019-8799 [LOW] CVE-2019-8799: macOS Catalina 10.15
Apple Security Update: About the security content of macOS Catalina 10.15
Product: macOS Catalina
Version: 10.15
CVE: CVE-2019-8799
Component: Kernel
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved state management.
Apple
CVE-2019-8799: iOS 13.1 and iPadOS 13.1
vendor_apple·2019-09-24·CVSS 2.4
CVE-2019-8799 [LOW] CVE-2019-8799: iOS 13.1 and iPadOS 13.1
Apple Security Update: About the security content of iOS 13.1 and iPadOS 13.1
Product: iOS 13.1 and iPadOS
Version: 13.1
CVE: CVE-2019-8799
Component: Kernel
Impact: A malicious application may be able to determine kernel memory layout
Description: The issue was addressed with improved permissions logic.
Apple
CVE-2019-8799: tvOS 13
vendor_apple·2019-09-24·CVSS 2.4
CVE-2019-8799 [LOW] CVE-2019-8799: tvOS 13
Apple Security Update: About the security content of tvOS 13
Product: tvOS
Version: 13
CVE: CVE-2019-8799
Component: Keyboards
Impact: A local user may be able to leak sensitive user information
Description: An authentication issue was addressed with improved state management.
Apple
CVE-2019-8799: watchOS 6
vendor_apple·2019-09-19·CVSS 2.4
CVE-2019-8799 [LOW] CVE-2019-8799: watchOS 6
Apple Security Update: About the security content of watchOS 6
Product: watchOS 6
CVE: CVE-2019-8799
Component: Kernel
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
GHSA
GHSA-mgpg-rp6c-97r2: This issue was resolved by replacing device names with a random identifier
ghsa_unreviewed·2022-05-24
CVE-2019-8799 [LOW] CWE-922 GHSA-mgpg-rp6c-97r2: This issue was resolved by replacing device names with a random identifier
This issue was resolved by replacing device names with a random identifier. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15, watchOS 6, tvOS 13. An attacker in physical proximity may be able to passively observe device names in AWDL communications.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://support.apple.com/en-us/HT210603https://support.apple.com/en-us/HT210604https://support.apple.com/en-us/HT210607https://support.apple.com/en-us/HT210634https://support.apple.com/en-us/HT210603https://support.apple.com/en-us/HT210604https://support.apple.com/en-us/HT210607https://support.apple.com/en-us/HT210634
2020-10-27
Published