| Vulnerability Name: | CVE-2019-8514 (CCN-158673) | ||||||||||||
| Assigned: | 2019-03-25 | ||||||||||||
| Published: | 2019-03-25 | ||||||||||||
| Updated: | 2020-08-24 | ||||||||||||
| Summary: | A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. An application may be able to gain elevated privileges. | ||||||||||||
| CVSS v3 Severity: | 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) 7.0 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)
7.0 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
| ||||||||||||
| Vulnerability Type: | CWE-noinfo | ||||||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2019-8514 Source: XF Type: UNKNOWN apple-ios-cve20198514-priv-esc(158673) Source: CCN Type: Packet Storm Security [04-01-2019] XNU Unsafe Pidversion Increment During Execve Source: CCN Type: Apple security document HT209599 About the security content of iOS 12.2 Source: CCN Type: Apple security document HT209601 About the security content of tvOS 12.2 Source: CCN Type: Apple security document HT209602 About the security content of watchOS 5.2 Source: MISC Type: Vendor Advisory https://support.apple.com/HT209599 Source: MISC Type: Vendor Advisory https://support.apple.com/HT209600 Source: MISC Type: Vendor Advisory https://support.apple.com/HT209601 Source: MISC Type: Vendor Advisory https://support.apple.com/HT209602 Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [04-03-2019] | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||