Vulnerability Description
The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A user may inadvertently complete an in-app purchase while on the lock screen.
CVSS Score
2.4
LOW
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Iphone Os | < 12.4 |
| Apple | Watchos | < 5.3 |
Related Weaknesses (CWE)
References
- https://support.apple.com/HT210346Vendor Advisory
- https://support.apple.com/HT210353Vendor Advisory
- https://support.apple.com/HT210346Vendor Advisory
- https://support.apple.com/HT210353Vendor Advisory
FAQ
What is CVE-2019-8682?
CVE-2019-8682 is a vulnerability with a CVSS score of 2.4 (LOW). The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A user may inadvertently complete an in-app purchase while on the lock screen.
How severe is CVE-2019-8682?
CVE-2019-8682 has been rated LOW with a CVSS base score of 2.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-8682?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Iphone Os, Apple Watchos.