CVE-2019-8605

Summary

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to execute arbitrary code with system privileges.

Affected Software

VendorProductVersion RangeStatus
AppleiOSunspecified < iOS 12.3affected
ApplemacOSunspecified < macOS Mojave 10.14.5affected
AppletvOSunspecified < tvOS 12.3affected
ApplewatchOSunspecified < watchOS 5.2.1affected

Weaknesses

  • A malicious application may be able to execute arbitrary code with system privileges

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: no
    • Technical Impact: total

Additional References

References