CVE-2019-8533: High severity macos mojave vulnerability

Q: What is CVE-2019-8533?

CVE-2019-8533 is a vulnerability in macOS Mojave 10.14.4 and earlier that allows a Mac to not lock when disconnecting from an external monitor.

Q: What is the severity of CVE-2019-8533?

The severity of CVE-2019-8533 is high with a CVSS score of 7.8.

Q: How can I fix CVE-2019-8533?

To fix CVE-2019-8533, update your macOS to version 10.14.4 or newer.

Q: Where can I find more information about CVE-2019-8533?

You can find more information about CVE-2019-8533 on the Apple support page: https://support.apple.com/HT209600.

Q: What is CWE-287?

CWE-287 is a weakness in macOS Mojave 10.14.4 and earlier that relates to an improper authentication vulnerability.

Published Mar 25, 2019

Updated

A lock handling issue was addressed with improved lock handling. This issue is fixed in macOS Mojave 10.14.4. A Mac may not lock when disconnecting from an external monitor.

Other sources

IOGraphics. A lock handling issue was addressed with improved lock handling.

Credit

an anonymous researcher, James Eagan(T), R. Scott Kemp(MIT), Romke van Dijk(Z)

Affected Software

4 affected componentsFixes available

Apple macOS Mojave<10.14.4

10.14.4

Apple High Sierra

Apple Sierra

Apple iOS and macOS<10.14.4

Event History

Dec 18, 2019

CVE Published

via MITRE·05:33 PM

Data Sourced

via MITRE·05:33 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT209600

Frequently Asked Questions

What is CVE-2019-8533?

CVE-2019-8533 is a vulnerability in macOS Mojave 10.14.4 and earlier that allows a Mac to not lock when disconnecting from an external monitor.

What is the severity of CVE-2019-8533?

The severity of CVE-2019-8533 is high with a CVSS score of 7.8.

How can I fix CVE-2019-8533?

To fix CVE-2019-8533, update your macOS to version 10.14.4 or newer.

Where can I find more information about CVE-2019-8533?