CVE-2019-8513: OS Command Injection

Q: What is CVE-2019-8513?

CVE-2019-8513 is a vulnerability in macOS Mojave 10.14.4 that allows a local user to execute arbitrary shell commands.

Q: How severe is CVE-2019-8513?

CVE-2019-8513 has a severity rating of 7.8 (high).

Q: How can I fix CVE-2019-8513?

You can fix CVE-2019-8513 by updating to macOS Mojave 10.14.4 or later.

Q: What is the Common Weakness Enumeration (CWE) ID for CVE-2019-8513?

The CWE ID for CVE-2019-8513 is CWE-78.

Q: Where can I find more information about CVE-2019-8513?

You can find more information about CVE-2019-8513 in the Apple security advisory: [HT209600](https://support.apple.com/HT209600).

Published Mar 25, 2019

Updated

This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands.

Other sources

Time Machine. This issue was addressed with improved checks.

Credit

CodeColorist(Ant)

Affected Software

4 affected componentsFixes available

Apple macOS Mojave<10.14.4

10.14.4

Apple High Sierra

Apple Sierra

Apple iOS and macOS<10.14.4

Event History

Dec 18, 2019

CVE Published

via MITRE·05:33 PM

Data Sourced

via MITRE·05:33 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT209600

Frequently Asked Questions

What is CVE-2019-8513?

CVE-2019-8513 is a vulnerability in macOS Mojave 10.14.4 that allows a local user to execute arbitrary shell commands.

How severe is CVE-2019-8513?

CVE-2019-8513 has a severity rating of 7.8 (high).

How can I fix CVE-2019-8513?

You can fix CVE-2019-8513 by updating to macOS Mojave 10.14.4 or later.

What is the Common Weakness Enumeration (CWE) ID for CVE-2019-8513?