CVE-2019-8541: Low severity apple ios, ipados, and watchos vulnerability

Q: What is the vulnerability ID of this privacy issue in motion sensor calibration?

The vulnerability ID is CVE-2019-8541.

Q: What is the severity level of CVE-2019-8541?

The severity level of CVE-2019-8541 is low.

Q: How does this vulnerability affect Apple iOS?

This vulnerability affects Apple iOS version up to but excluding 12.2.

Q: How does this vulnerability affect Apple watchOS?

This vulnerability affects Apple watchOS version up to but excluding 5.2.

Q: How can I fix this vulnerability in my Apple device?

To fix this vulnerability, update your iOS device to version 12.2 or later, and update your watchOS device to version 5.2 or later.

Published Mar 25, 2019

Updated

A privacy issue existed in motion sensor calibration. This issue was addressed with improved motion sensor processing. This issue is fixed in iOS 12.2, watchOS 5.2. A malicious app may be able to track users between installs.

Other sources

Privacy. A privacy issue existed in motion sensor calibration. This issue was addressed with improved motion sensor processing.

Credit

Stan (Jiexin) Zhang, Alastair R. Beresford(the University of Cambridge), Ian Sheret(Polymath Insight Limited)

Affected Software

4 affected componentsFixes available

Apple WatchOS<5.2

5.2

Apple iOS<12.2

12.2

Apple iPhone OS<12.2

Apple WatchOS<5.2

Event History

Dec 18, 2019

CVE Published

via MITRE·05:33 PM

Data Sourced

via MITRE·05:33 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is the vulnerability ID of this privacy issue in motion sensor calibration?

The vulnerability ID is CVE-2019-8541.

What is the severity level of CVE-2019-8541?