Vulnerabilities > CVE-2019-8718 - Out-of-bounds Write vulnerability in Apple Tvos

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

apple

CWE-787

NVD

Published: 2020-10-27

Updated: 2021-07-21

Summary

A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with kernel privileges.

Vulnerable Configurations

Part	Description	Count
OS	Apple Apple Tvos - Apple Tvos 1.0.0 Apple Tvos 1.1.0 Apple Tvos 2.0.0 Apple Tvos 2.0.1 Apple Tvos 2.0.2 Apple Tvos 2.1.0 Apple Tvos 2.2.0 Apple Tvos 2.3.0 Apple Tvos 2.3.1 Apple Tvos 2.4.0 Apple Tvos 3.0.0 Apple Tvos 3.0.1 Apple Tvos 3.0.2 Apple Tvos 4.1.0 Apple Tvos 4.1.1 Apple Tvos 4.2.0 Apple Tvos 4.2.1 Apple Tvos 4.2.2 Apple Tvos 4.3.0 Apple Tvos 4.4.0 Apple Tvos 4.4.2 Apple Tvos 4.4.3 Apple Tvos 4.4.4 Apple Tvos 5.0.0 Apple Tvos 5.0.1 Apple Tvos 5.0.2 Apple Tvos 5.1.0 Apple Tvos 5.1.1 Apple Tvos 5.2.0 Apple Tvos 6.0 Apple Tvos 6.0.1 Apple Tvos 6.0.2 Apple Tvos 6.1 Apple Tvos 6.1.1 Apple Tvos 6.1.2 Apple Tvos 6.2 Apple Tvos 6.2.1 Apple Tvos 7.0 Apple Tvos 7.0.1 Apple Tvos 7.0.2 Apple Tvos 7.0.3 Apple Tvos 7.1 Apple Tvos 9.0 Apple Tvos 9.0.1 Apple Tvos 9.1 Apple Tvos 9.1.1 Apple Tvos 9.2 Apple Tvos 9.2.1 Apple Tvos 9.2.2 Apple Tvos 10.0 Apple Tvos 10.0.1 Apple Tvos 10.1 Apple Tvos 10.1.1 Apple Tvos 10.2 Apple Tvos 10.2.1 Apple Tvos 10.2.2 Apple Tvos 10.3 Apple Tvos 11 Apple Tvos 11.0 Apple Tvos 11.1 Apple Tvos 11.2 Apple Tvos 11.2.1 Apple Tvos 11.2.6 Apple Tvos 11.3 Apple Tvos 11.4.1 Apple Tvos 12 Apple Tvos 12.0 Apple Tvos 12.0.1 Apple Tvos 12.1 Apple Tvos 12.1.1 Apple Tvos 12.1.2 Apple Tvos 12.2 Apple Tvos 12.3 Apple Tvos 12.4 Apple Iphone OS 13.0 Apple Iphone OS 13.1 Apple Iphone OS 13.1.1 Apple Iphone OS 13.1.2 Apple Iphone OS 13.1.3 Apple Iphone OS 13.2 Apple Iphone OS 13.2.2 Apple Iphone OS 13.2.3 Apple Iphone OS 13.3 Apple Iphone OS 13.3.1 Apple Iphone OS 13.4 Apple Iphone OS 13.5 Apple Iphone OS 13.5.1 Apple Iphone OS 13.6 Apple Iphone OS 14.0 Apple Iphone OS 14.2 Apple Iphone OS 14.3 Apple Iphone OS 14.4 Apple Iphone OS 14.4.1 Apple Iphone OS 14.4.2 Apple Iphone OS 14.5 Apple Iphone OS 14.5.1 Apple Iphone OS 14.6 Apple Iphone OS 14.7 Apple Iphone OS 14.8 Apple Iphone OS 14.8.1 Apple Iphone OS 15.0 Apple Iphone OS 15.0.1 Apple Iphone OS 15.0.2 Apple Iphone OS 15.1 Apple Iphone OS 15.2 Apple Iphone OS 15.4 Apple Iphone OS 15.5 Apple Iphone OS 15.6 Apple Iphone OS 15.6.1 Apple Iphone OS 15.7 Apple Iphone OS 15.7.1 Apple Iphone OS 15.7.2 Apple Iphone OS 15.7.3 Apple Iphone OS 15.7.4 Apple Iphone OS 15.7.5 Apple Iphone OS 15.7.6 Apple Iphone OS 15.7.8 Apple Iphone OS 15.8 Apple Iphone OS 15.8.1 Apple Iphone OS 16.0 Apple Iphone OS 16.0.1 Apple Iphone OS 16.0.2 Apple Iphone OS 16.0.3 Apple Iphone OS 16.1 Apple Iphone OS 16.1.2 Apple Iphone OS 16.2 Apple Iphone OS 16.3 Apple Iphone OS 16.3.1 Apple Iphone OS 16.4 Apple Iphone OS 16.4.1 Apple Iphone OS 16.5 Apple Iphone OS 16.6 Apple Iphone OS 16.7 Apple Iphone OS 16.7.3 Apple Iphone OS 16.7.5 Apple Iphone OS 16.7.8 Apple Iphone OS 16.7.9 Apple Iphone OS 17.0 Apple Iphone OS 17.0.1 Apple Iphone OS 17.0.3 Apple Iphone OS 17.1 Apple Iphone OS 17.1.1 Apple Iphone OS 17.1.2 Apple Iphone OS 17.2 Apple Iphone OS 17.3 Apple Iphone OS 17.4 Apple Iphone OS 17.5 Apple Iphone OS 17.6 Apple Iphone OS 18.0 Apple Iphone OS 18.1 Apple Watchos - Apple Watchos 1.0 Apple Watchos 1.0.1 Apple Watchos 2.0 Apple Watchos 2.0.1 Apple Watchos 2.1 Apple Watchos 2.2 Apple Watchos 2.2.0 Apple Watchos 2.2.1 Apple Watchos 2.2.2 Apple Watchos 3.0 Apple Watchos 3.1 Apple Watchos 3.1.1 Apple Watchos 3.1.3 Apple Watchos 3.2 Apple Watchos 3.2.2 Apple Watchos 3.2.3 Apple Watchos 4 Apple Watchos 4.0 Apple Watchos 4.0.1 Apple Watchos 4.1 Apple Watchos 4.2 Apple Watchos 4.2.3 Apple Watchos 4.3 Apple Watchos 4.3.1 Apple Watchos 4.3.2 Apple Watchos 5.0 Apple Watchos 5.0.1 Apple Watchos 5.1 Apple Watchos 5.1.1 Apple Watchos 5.1.2 Apple Watchos 5.1.3 Apple Watchos 5.2 Apple Watchos 5.2.1 Apple Watchos 5.3 Apple Watchos 5.3.4 Apple Watchos 5.3.7 Apple Watchos 5.3.9	189

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Packetstorm

data source	https://packetstormsecurity.com/files/download/155221/iosiousbdf1241-poc.txt
id	PACKETSTORM:155221
last seen	2019-11-14
published	2019-11-11
reporter	Sem Voigtlander
source	https://packetstormsecurity.com/files/155221/iOS-IOUSBDeviceFamily-12.4.1-Heap-Corruption-Proof-Of-Concept.html
title	iOS IOUSBDeviceFamily 12.4.1 Heap Corruption Proof Of Concept

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Packetstorm

References