Buffer overflow in watchOS - CVE-2019-8750

 


Published: December 18, 2019 / Updated: July 17, 2020


Vulnerability identifier: #VU30530
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2019-8750
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Apple Inc.
Affected software:
watchOS

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Multiple memory corruption issues in libxslt were addressed with improved input validation. The issues are fixed in watchOS 6.1 and iCloud for Windows 11.0.


How to mitigate CVE-2019-8750

Install the update from the vendor's website.
