cbcvebase.
CVE-2019-8850
published 2020-10-27

CVE-2019-8850: An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS…

PriorityP424medium5.5CVSS 3.1
AVLACLPRNUIRSUCHINAN
EPSS
0.80%
51.8th percentile
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may disclose restricted memory.

Affected

13 ranges
VendorProductVersion rangeFixed in
appleios_13.1_and_ipados
appleios_and_ipados>= unspecified < 13.113.1
appleipados< 13.113.1
appleiphone_os< 13.113.1
applemac_os_x< 10.15.110.15.1
applemacos>= unspecified < 10.1510.15
applemacos_catalina
applemacos_catalina_10.15.1_security_update_2019-001_and_security_update_2019-006
appletvos< 13.013.0
appletvos
appletvos>= unspecified < 1313
applewatchos>= unspecified < 66
applewatchos_6

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.