CVE-2019-8598
Last modified
CVE-2019-8598 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. EPSS estimates a 10.25% chance of exploitation in the next 30 days.
Description
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to read restricted memory.
Metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Apple | Icloud | < 7.12 |
| Apple | Itunes | < 12.9.5 |
| Apple | Iphone Os | < 12.3 |
| Apple | Mac Os X | < 10.14.5 |
| Apple | Tvos | < 12.3 |
| Apple | Watchos | < 5.2.1 |
References
- https://support.apple.com/HT210118Vendor Advisory
- https://support.apple.com/HT210119Vendor Advisory
- https://support.apple.com/HT210120Vendor Advisory
- https://support.apple.com/HT210122Vendor Advisory
- https://support.apple.com/HT210124Vendor Advisory
- https://support.apple.com/HT210125Vendor Advisory
- https://support.apple.com/HT210212Vendor Advisory
- https://support.apple.com/HT210118Vendor Advisory
- https://support.apple.com/HT210119Vendor Advisory
- https://support.apple.com/HT210120Vendor Advisory
- https://support.apple.com/HT210122Vendor Advisory
- https://support.apple.com/HT210124Vendor Advisory
- https://support.apple.com/HT210125Vendor Advisory
- https://support.apple.com/HT210212Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-8598?
How severe is CVE-2019-8598?
How do I fix CVE-2019-8598?
Are you affected by CVE-2019-8598?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST