CVE-2019-8638

EPSS 1.2%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 1.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

27 Oct 2020Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 5.2, iCloud for Windows 7.11, iOS 12.2, iTunes 12.9.4 for Windows, Safari 12.1. Processing maliciously crafted web content may lead to arbitrary code execution.

Affected products

Apple · iCloud for Windows Apple · iOS Apple · iTunes for Windows Apple · Safari Apple · watchOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://support.apple.com/en-us/HT209599 https://support.apple.com/en-us/HT209602 https://support.apple.com/en-us/HT209603 https://support.apple.com/en-us/HT209604 https://support.apple.com/en-us/HT209605