CVE-2019-8602

EUVD-2019-17992
A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to elevate privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
Affected Products (NVD)
VendorProductVersion
appleicloud
𝑥
< 7.12
appleicloud
10.0 ≤
𝑥
< 10.4
appleitunes
𝑥
< 12.9.5
applesafari
𝑥
< 12.1.1
appleiphone_os
𝑥
< 12.3
applemac_os_x
𝑥
< 10.14.5
appletvos
𝑥
< 12.3
applewatchos
𝑥
< 5.2.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite/
https://support.apple.com/HT210118
https://support.apple.com/HT210119
https://support.apple.com/HT210120
https://support.apple.com/HT210122
https://support.apple.com/HT210124
https://support.apple.com/HT210125
https://support.apple.com/HT210212
https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite/
https://support.apple.com/HT210118
https://support.apple.com/HT210119
https://support.apple.com/HT210120
https://support.apple.com/HT210122
https://support.apple.com/HT210124
https://support.apple.com/HT210125
https://support.apple.com/HT210212