CVE-2019-8568

Summary

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to modify protected parts of the file system.

Affected Software

VendorProductVersion RangeStatus
AppleiOSunspecified < iOS 12.3affected
ApplemacOSunspecified < macOS Mojave 10.14.5affected
AppletvOSunspecified < tvOS 12.3affected
ApplewatchOSunspecified < watchOS 5.2.1affected

Weaknesses

  • A local user may be able to modify protected parts of the file system

ADP Enrichment

CVE Program Container

Additional References

References