Vulnerability Description
This issue was addressed with improved checks. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An application may be able to gain elevated privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Icloud | < 7.16 |
| Apple | Itunes | < 12.10.3 |
| Apple | Safari | < 13.0.3 |
| Apple | Ipados | < 13.3 |
| Apple | Iphone Os | < 13.3 |
| Apple | Mac Os X | < 10.15.2 |
| Apple | Tvos | < 13.3 |
| Apple | Watchos | < 6.1.1 |
References
- https://support.apple.com/en-us/HT210785Release NotesVendor Advisory
- https://support.apple.com/en-us/HT210788Release NotesVendor Advisory
- https://support.apple.com/en-us/HT210789Release NotesVendor Advisory
- https://support.apple.com/en-us/HT210790Release NotesVendor Advisory
- https://support.apple.com/en-us/HT210793Release NotesVendor Advisory
- https://support.apple.com/en-us/HT210794Release NotesVendor Advisory
- https://support.apple.com/en-us/HT210795Release NotesVendor Advisory
- https://support.apple.com/en-us/HT210785Release NotesVendor Advisory
- https://support.apple.com/en-us/HT210788Release NotesVendor Advisory
- https://support.apple.com/en-us/HT210789Release NotesVendor Advisory
- https://support.apple.com/en-us/HT210790Release NotesVendor Advisory
- https://support.apple.com/en-us/HT210793Release NotesVendor Advisory
- https://support.apple.com/en-us/HT210794Release NotesVendor Advisory
- https://support.apple.com/en-us/HT210795Release NotesVendor Advisory
FAQ
What is CVE-2019-8848?
CVE-2019-8848 is a vulnerability with a CVSS score of 7.8 (HIGH). This issue was addressed with improved checks. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 20...
How severe is CVE-2019-8848?
CVE-2019-8848 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-8848?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Icloud, Apple Itunes, Apple Safari, Apple Ipados, Apple Iphone Os.