exploitDog

CVE-2019-8805

Опубликовано: 18 дек. 2019

Источник: nvd

CVSS3: 7.8

CVSS2: 9.3

EPSS Средний

Описание

A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Catalina 10.15.1. An application may be able to execute arbitrary code with system privileges.

Ссылки

https://support.apple.com/HT210722
Vendor Advisory
https://support.apple.com/HT210722
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Версия до 10.15.1 (исключая)

EPSS

Процентиль: 94%

0.12917

Средний

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-75c4-xj7m-vrpm

github

больше 3 лет назад

A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Catalina 10.15.1. An application may be able to execute arbitrary code with system privileges.

EPSS

Процентиль: 94%

0.12917

Средний

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

NVD-CWE-noinfo