CVE-2019-8603: High severity macos mojave vulnerability

Q: What is CVE-2019-8603?

CVE-2019-8603 is a vulnerability in the Accessibility Framework of macOS Mojave and allows an application to read restricted memory.

Q: How severe is CVE-2019-8603?

CVE-2019-8603 has a severity level of 8.8 (high).

Q: How can I fix CVE-2019-8603?

To fix CVE-2019-8603, update your macOS to version 10.14.5 or higher.

Q: Is Apple High Sierra affected by CVE-2019-8603?

Yes, Apple High Sierra is affected by CVE-2019-8603.

Q: Is Apple Sierra affected by CVE-2019-8603?

Yes, Apple Sierra is affected by CVE-2019-8603.

Published May 13, 2019

Updated

Accessibility Framework. A validation issue was addressed with improved input sanitization.

Other sources

A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5. An application may be able to read restricted memory.

Credit

Phoenhex, qwerty@@_niklasb, @@qwertyoruiopz, @@bkth_(Trend Micro)

Affected Software

4 affected componentsFixes available

Apple macOS Mojave<10.14.5

10.14.5

Apple High Sierra

Apple Sierra

Apple iOS and macOS<10.14.5

Event History

Dec 18, 2019

CVE Published

via MITRE·05:33 PM

Data Sourced

via MITRE·05:33 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT210119

Frequently Asked Questions

What is CVE-2019-8603?

CVE-2019-8603 is a vulnerability in the Accessibility Framework of macOS Mojave and allows an application to read restricted memory.

How severe is CVE-2019-8603?

CVE-2019-8603 has a severity level of 8.8 (high).

How can I fix CVE-2019-8603?

To fix CVE-2019-8603, update your macOS to version 10.14.5 or higher.

Is Apple High Sierra affected by CVE-2019-8603?