Vulnerabilities > CVE-2019-8779 - Exposure of Resource to Wrong Sphere vulnerability in Apple Ipados and Iphone OS

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
apple
CWE-668
critical

Summary

A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions. This issue is fixed in iOS 13.1.1 and iPadOS 13.1.1. Third party app extensions may not receive the correct sandbox restrictions.

Vulnerable Configurations

Part Description Count
OS
Apple
210

Common Weakness Enumeration (CWE)