Overview
- Description
- An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iOS 12.4.4, watchOS 5.3.4. Processing malicious video via FaceTime may lead to arbitrary code execution.
- Source
- product-security@apple.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-125
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A02B4418-82F4-4A23-8F4C-3C03C5522FED",
"versionEndExcluding": "13.3"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FDAD0B76-9EF7-4CCF-8CDD-6CF7355D0767",
"versionEndExcluding": "13.3"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4DFB3138-3528-49CA-B96F-C248593BB52B",
"versionEndExcluding": "12.4.4",
"versionStartIncluding": "12.0.0"
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F15588EA-D854-4694-97C6-53D9AA8B6F2D",
"versionEndExcluding": "10.15.2"
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "31FE522C-5C52-408C-8E46-A3479BF78463",
"versionEndExcluding": "13.3"
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "132D6ACC-C9E7-4F65-9031-E8B04BC12249",
"versionEndExcluding": "5.3.4"
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FAECF491-D83D-428D-8A8B-00BA3B5B5E76",
"versionEndExcluding": "6.1.1",
"versionStartIncluding": "6.0.0"
}
],
"operator": "OR"
}
]
}
]