[CVE-2019-7286] Apple Multiple Products Memory Corruption Vulnerability

CISA KEV 정보

취약점명	Apple Multiple Products Memory Corruption Vulnerability
설명	Apple iOS, macOS, watchOS, and tvOS contain a memory corruption vulnerability that could allow for privilege escalation.
조치사항	Apply updates per vendor instructions.
랜섬웨어 캠페인 악용	Unknown
CWE	CWE-787
등록일 (KEV)	2022-05-23
조치 기한	2022-06-13
추가 참고	https://nvd.nist.gov/vuln/detail/CVE-2019-7286

NVD 상세 정보

CVSS v3.1: 7.8 HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2.0: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

설명: A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. An application may be able to gain elevated privileges.

CWE: CWE-787 | CWE-787

참조

https://support.apple.com/HT209520 [Vendor Advisory]
https://support.apple.com/HT209521 [Vendor Advisory]
https://support.apple.com/HT209601 [Vendor Advisory]
https://support.apple.com/HT209602 [Vendor Advisory]
https://support.apple.com/HT209520 [Vendor Advisory]
https://support.apple.com/HT209521 [Vendor Advisory]
https://support.apple.com/HT209601 [Vendor Advisory]
https://support.apple.com/HT209602 [Vendor Advisory]
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-7286 [US Government Resource]

This product uses the NVD API but is not endorsed or certified by the NVD.

바로 가기

[CVE-2019-7286] Apple Multiple Products Memory Corruption Vulnerability

CISA KEV 정보

NVD 상세 정보

참조

IT 도구 서랍