CVE-2019-8796

A logic issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, iOS 12.4.3, watchOS 6.1, iOS 13.2 and iPadOS 13.2. AirDrop transfers may be unexpectedly accepted while in Everyone mode.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
appleCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 55%
VendorProductVersion
appleipados
𝑥
< 13.2
appleiphone_os
𝑥
< 12.4.3
appleiphone_os
13.0 ≤
𝑥
< 13.2
applemac_os_x
𝑥
< 10.15.1
applewatchos
𝑥
< 6.1
𝑥
= Vulnerable software versions
References
https://support.apple.com/en-us/HT210721
https://support.apple.com/en-us/HT210722
https://support.apple.com/en-us/HT210724
https://support.apple.com/en-us/HT211134
https://support.apple.com/en-us/HT210721
https://support.apple.com/en-us/HT210722
https://support.apple.com/en-us/HT210724
https://support.apple.com/en-us/HT211134