CVE-2019-8570

EPSS 2.6%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 2.6%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

27 Oct 2020Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A logic issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, iCloud for Windows 7.10, iTunes 12.9.3 for Windows, Safari 12.0.3, tvOS 12.1.2. Processing maliciously crafted web content may disclose sensitive user information.

Affected products

Apple · iCloud for Windows Apple · iOS Apple · iTunes for Windows Apple · Safari Apple · tvOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://support.apple.com/en-us/HT209443 https://support.apple.com/en-us/HT209447 https://support.apple.com/en-us/HT209449 https://support.apple.com/en-us/HT209450 https://support.apple.com/en-us/HT209451