CVE-2019-8561: Input Validation

Q: What is the vulnerability ID of this issue?

The vulnerability ID of this issue is CVE-2019-8561.

Q: What is the severity of CVE-2019-8561?

The severity of CVE-2019-8561 is high.

Q: What is the affected software of CVE-2019-8561?

The affected software of CVE-2019-8561 includes macOS Mojave 10.14.4, Apple High Sierra, Apple Sierra, and Apple Mac OS X versions up to 10.14.4.

Q: What is the description of CVE-2019-8561?

CVE-2019-8561 is a logic issue that was addressed with improved validation in macOS Mojave 10.14.4.

Q: How can a malicious application exploit CVE-2019-8561?

A malicious application may be able to elevate privileges through CVE-2019-8561.

Published Mar 25, 2019

Updated

A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to elevate privileges.

Other sources

PackageKit. A logic issue was addressed with improved validation.

Credit

Jaron Bradley(Crowdstrike)

Affected Software

4 affected componentsFixes available

Apple macOS Mojave<10.14.4

10.14.4

Apple High Sierra

Apple Sierra

Apple iOS and macOS<10.14.4

Event History

Dec 18, 2019

CVE Published

via MITRE·05:33 PM

Data Sourced

via MITRE·05:33 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT209600

Frequently Asked Questions

What is the vulnerability ID of this issue?

The vulnerability ID of this issue is CVE-2019-8561.

What is the severity of CVE-2019-8561?

The severity of CVE-2019-8561 is high.

What is the affected software of CVE-2019-8561?

The affected software of CVE-2019-8561 includes macOS Mojave 10.14.4, Apple High Sierra, Apple Sierra, and Apple Mac OS X versions up to 10.14.4.

What is the description of CVE-2019-8561?