Memory Corruption Vulnerability in Apple iOS and Software Products
CVE-2019-8728

8.8HIGH

Key Information:

Vendor

Apple
Status
TV OS
iOS
Watch OS
Safari
Vendor
CVE Published:
27 October 2020

What is CVE-2019-8728?

Multiple memory corruption issues were identified and addressed with enhanced memory handling protocols across various Apple platforms. Attackers could exploit these vulnerabilities through crafted web content, which could result in arbitrary code execution, compromising system integrity and user security. Users and administrators are advised to update to the latest versions of affected software to mitigate risks.

Affected Version(s)

iCloud for Windows < 10.7

iCloud for Windows < 7.14

iOS < 13

References

https://support.apple.com/en-us/HT210604
x_refsource_MISC
https://support.apple.com/en-us/HT210606
x_refsource_MISC
https://support.apple.com/en-us/HT210607
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.