Vulnerabilities > CVE-2019-8572 - NULL Pointer Dereference vulnerability in Apple Airport Base Station Firmware

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

apple

CWE-476

critical

NVD

Published: 2020-10-27

Updated: 2020-10-30

Summary

A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution.

Vulnerable Configurations

Part	Description	Count
OS	Apple Apple Airport Base Station Firmware 7.3.2 Apple Airport Base Station Firmware 7.4.1 Apple Airport Base Station Firmware 7.4.2 Apple Airport Base Station Firmware 7.5.2 Apple Airport Base Station Firmware 7.6 Apple Airport Base Station Firmware 7.6.1 Apple Airport Base Station Firmware 7.6.2 Apple Airport Base Station Firmware 7.6.3 Apple Airport Base Station Firmware 7.6.4 Apple Airport Base Station Firmware 7.6.6 Apple Airport Base Station Firmware 7.6.7 Apple Airport Base Station Firmware 7.6.9 Apple Airport Base Station Firmware 7.7 Apple Airport Base Station Firmware 7.7.0 Apple Airport Base Station Firmware 7.7.3 Apple Airport Base Station Firmware 7.7.6 Apple Airport Base Station Firmware 7.7.7 Apple Airport Base Station Firmware 7.7.9	18

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References