CVE-2019-8664: Input Validation

Q: What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2019-8664.

Q: What is the severity of CVE-2019-8664?

The severity of CVE-2019-8664 is medium (6.5).

Q: What is the affected software for CVE-2019-8664?

The affected software for CVE-2019-8664 includes iOS versions up to (but not including) 12.3 and watchOS versions up to (but not including) 5.2.1.

Q: How can I fix CVE-2019-8664?

You can fix CVE-2019-8664 by updating to iOS 12.3 or watchOS 5.2.1, depending on the affected software.

Published May 13, 2019

Updated

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service.

Other sources

Messages. An input validation issue was addressed with improved input validation.

Credit

natashenka(Google Project Zero)

Affected Software

4 affected componentsFixes available

Apple WatchOS<5.2.1

5.2.1

Apple iOS<12.3

12.3

Apple iPhone OS<12.3

Apple WatchOS<5.2.1

Event History

Oct 27, 2020

CVE Published

via MITRE·08:57 PM

Data Sourced

via MITRE·08:57 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Frequently Asked Questions

What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2019-8664.

What is the severity of CVE-2019-8664?

The severity of CVE-2019-8664 is medium (6.5).

What is the affected software for CVE-2019-8664?

The affected software for CVE-2019-8664 includes iOS versions up to (but not including) 12.3 and watchOS versions up to (but not including) 5.2.1.

What is the potential impact of CVE-2019-8664?

Processing a maliciously crafted message may lead to a denial of service.

How can I fix CVE-2019-8664?