CVE-2019-8502

Summary

An API issue existed in the handling of dictation requests. This issue was addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to initiate a Dictation request without user authorization.

Affected Software

VendorProductVersion RangeStatus
AppleiOSunspecified < iOS 12.2affected
ApplemacOSunspecified < macOS Mojave 10.14.4affected
AppletvOSunspecified < tvOS 12.2affected
ApplewatchOSunspecified < watchOS 5.2affected

Weaknesses

  • A malicious application may be able to initiate a Dictation request without user authorization

ADP Enrichment

CVE Program Container

Additional References

References