CVE-2019-8682: Low severity apple ios, ipados, and watchos vulnerability

Q: What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2019-8682.

Q: What is the severity level of CVE-2019-8682?

The severity level of CVE-2019-8682 is low.

Q: How can this vulnerability be fixed?

This vulnerability can be fixed by updating to iOS 12.4 and watchOS 5.3.

Q: What is the impact of CVE-2019-8682?

The impact of CVE-2019-8682 is that a user may inadvertently complete an in-app purchase while on the lock screen.

Q: Where can I find more information about CVE-2019-8682?

You can find more information about CVE-2019-8682 on Apple's official support page: [link](https://support.apple.com/en-us/HT210353)

Published Jul 22, 2019

Updated

The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A user may inadvertently complete an in-app purchase while on the lock screen.

Other sources

Wallet. The issue was addressed with improved UI handling.

Credit

Jeff Braswell (JeffBraswell.com)

Affected Software

4 affected componentsFixes available

Apple WatchOS<5.3

5.3

Apple iOS<12.4

12.4

Apple iPhone OS<12.4

Apple WatchOS<5.3

Event History

Dec 18, 2019

CVE Published

via MITRE·05:33 PM

Data Sourced

via MITRE·05:33 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Frequently Asked Questions

What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2019-8682.

What is the severity level of CVE-2019-8682?

The severity level of CVE-2019-8682 is low.

How can this vulnerability be fixed?

This vulnerability can be fixed by updating to iOS 12.4 and watchOS 5.3.

What is the impact of CVE-2019-8682?