Multiple vulnerabilities in Apple macOS
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2019-7286 CVE-2019-7288 CVE-2019-6223 |
| CWE-ID | CWE-119 CWE-264 |
| Exploitation vector | Network |
| Public exploit |
Vulnerability #1 is being exploited in the wild. Vulnerability #3 is being exploited in the wild. |
| Vulnerable software Subscribe |
macOS Operating systems & Components / Operating system |
| Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Memory corruption
EUVDB-ID: #VU17435
Risk: High
CVSSv3.1: 7.5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2019-7286
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges.
The weakness exists due to a boundary error in the Foundation component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and gain elevated privileges.
Note: according to Ben Hawkes, team leader at Project Zero, the vulnerability has been exploited in the wild as 0day.
The vulnerability has been addressed in the version 10.14.3 Supplemental Update.
Vulnerable software versionsmacOS: 10.14.3 18D42
External linkshttp://support.apple.com/en-us/HT209521
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
2) Security restrictions bypass
EUVDB-ID: #VU17436
Risk: Low
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7288
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions.
The weakness exists due to improper validation on the FaceTime server. A remote attacker can cause an error in Live Photos in FaceTime and bypass security restrictions.
The vulnerability has been addressed in the version 10.14.3 Supplemental Update.
Vulnerable software versionsmacOS: 10.14.3 18D42
External linkshttp://support.apple.com/en-us/HT209521
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Security restrictions bypass
EUVDB-ID: #VU17437
Risk: Low
CVSSv3.1: 5.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C]
CVE-ID: CVE-2019-6223
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions.
The weakness exists due to a logic issue in the handling of Group FaceTime calls. A remote attacker who is the initiator of a Group FaceTime call can cause the recipient to answer.
The vulnerability has been addressed in the version 10.14.3 Supplemental Update.
Vulnerable software versionsmacOS: 10.14.3 18D42
External linkshttp://support.apple.com/en-us/HT209521
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
