CVE-2019-8589: Medium severity macos mojave vulnerability

Q: What is the vulnerability ID of this issue?

The vulnerability ID of this issue is CVE-2019-8589.

Q: What is the severity of CVE-2019-8589?

The severity of CVE-2019-8589 is medium.

Q: What is the affected software for CVE-2019-8589?

The affected software for CVE-2019-8589 include macOS Mojave 10.14.5, Apple High Sierra, Apple Sierra, and Apple Mac OS X (up to version 10.14.5).

Q: How was CVE-2019-8589 addressed?

CVE-2019-8589 was addressed with improved checks in macOS Mojave 10.14.5.

Q: What can a malicious application do with this vulnerability?

A malicious application can bypass Gatekeeper checks using CVE-2019-8589.

Published May 13, 2019

Updated

DesktopServices. This issue was addressed with improved checks.

Other sources

This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.5. A malicious application may bypass Gatekeeper checks.

Credit

Andreas Clementi, Stefan Haselwanter, Peter Stelzhammer(AV)

Affected Software

4 affected componentsFixes available

Apple macOS Mojave<10.14.5

10.14.5

Apple High Sierra

Apple Sierra

Apple iOS and macOS<10.14.5

Event History

Dec 18, 2019

CVE Published

via MITRE·05:33 PM

Data Sourced

via MITRE·05:33 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT210119

Frequently Asked Questions

What is the vulnerability ID of this issue?

The vulnerability ID of this issue is CVE-2019-8589.

What is the severity of CVE-2019-8589?

The severity of CVE-2019-8589 is medium.

What is the affected software for CVE-2019-8589?

The affected software for CVE-2019-8589 include macOS Mojave 10.14.5, Apple High Sierra, Apple Sierra, and Apple Mac OS X (up to version 10.14.5).

How was CVE-2019-8589 addressed?