CVE-2019-6223

EUVD-2019-15790
A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. The initiator of a Group FaceTime call may be able to cause the recipient to answer.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA-ADPADP
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
Affected Products (NVD)
VendorProductVersion
appleiphone_os
𝑥
< 12.1.4
applemac_os_x
𝑥
< 10.14.3
𝑥
= Vulnerable software versions
References
https://support.apple.com/HT209520
https://support.apple.com/HT209521
https://support.apple.com/HT209520
https://support.apple.com/HT209521
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-6223