Published: 18/12/2019 Updated: 20/12/2019

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to modify protected parts of the file system.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple iphone os
apple mac os x
apple tvos
apple watchos

Full Disclosure mailing list archives   By Date By Thread </form>    APPLE-SA-2019-5-13-1 iOS 123   From: Apple Product Security via ...

Full Disclosure mailing list archives   By Date By Thread </form>    APPLE-SA-2019-5-13-2 macOS Mojave 10145, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra <!--X ...

Lockdown related research, tools and POCs.

Lockdown Playground Lockdown related research, tools and POCs All POCs should work fine on iOS 122 and below It was a fun research project and I hope you enjoy the short writeup Note that I omitted some details about existing underlaying issues FAQ Is this a jailbreak? NO Will this be used in a jailbreak? Maybe, but probably not Will this lead to other useful tools and di

CWE-59 https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210122 https://support.apple.com/HT210120 https://nvd.nist.gov https://github.com/DanyL/lockdownd_playground http://seclists.org/fulldisclosure/2019/May/19

CVE-2019-8568

Vulnerability Summary

Vulnerability Trend

Mailing Lists

Github Repositories

References

Vulmon Search

About

Products

Connect