Denial of Service Vulnerability in Apple Products
CVE-2019-8741

7.5HIGH

Key Information:

Vendor
Apple
Status
iOS
Watch OS
TV OS
Mac OS
Vendor
CVE Published:
28 February 2020

Summary

A denial of service vulnerability was identified that allows malicious actors to disrupt the availability of affected Apple products. This issue arose due to insufficient input validation, which could be exploited to cause unexpected crashes or freezes in the affected systems, seriously impacting user experience and operational continuity. Mitigation strategies involve applying security updates that enhance the input validation processes to safeguard against potential exploitation.

Affected Version(s)

iCloud for Windows < unspecified

iCloud for Windows (Legacy) < unspecified

iOS < unspecified

References

https://eprint.iacr.org/2019/1421
x_refsource_MISC
https://support.apple.com/HT210635
x_refsource_MISC
https://support.apple.com/HT210636
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.