CVE-2019-8553: High severity tvos vulnerability

Q: What is CVE-2019-8553?

CVE-2019-8553 is a memory corruption issue in GeoServices that can lead to arbitrary code execution when clicking a malicious SMS link.

Q: Which software versions are affected by CVE-2019-8553?

CVE-2019-8553 affects iOS up to version 12.2, tvOS up to version 12.2, and watchOS up to version 5.2.

Q: How can I fix CVE-2019-8553?

To fix CVE-2019-8553, update to iOS 12.2, tvOS 12.2, or watchOS 5.2.

Q: What is the severity of CVE-2019-8553?

CVE-2019-8553 has a severity rating of 8.8 (high).

Q: Where can I find more information about CVE-2019-8553?

You can find more information about CVE-2019-8553 on Apple's support page: [link](https://support.apple.com/en-us/HT209601)

Published Mar 25, 2019

Updated

GeoServices. A memory corruption issue was addressed with improved validation.

Other sources

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2. Clicking a malicious SMS link may lead to arbitrary code execution.

Credit

an anonymous researcher, an anonymous researcher, an anonymous researcher

Affected Software

6 affected componentsFixes available

Apple tvOS<12.2

12.2

Apple WatchOS<5.2

5.2

Apple iOS<12.2

12.2

Apple iPhone OS<12.2

Apple tvOS<12.2

Apple WatchOS<5.2

Event History

Dec 18, 2019

CVE Published

via MITRE·05:33 PM

Data Sourced

via MITRE·05:33 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is CVE-2019-8553?

CVE-2019-8553 is a memory corruption issue in GeoServices that can lead to arbitrary code execution when clicking a malicious SMS link.

Which software versions are affected by CVE-2019-8553?