CVE-2019-8704: Medium severity tvos vulnerability

Q: What is CVE-2019-8704?

CVE-2019-8704 is an authentication issue that was addressed with improved state management.

Q: Is CVE-2019-8704 fixed?

Yes, CVE-2019-8704 is fixed in tvOS 13.

Q: Who is affected by CVE-2019-8704?

Users of Apple iPhone OS and Apple tvOS versions up to 13 are affected by CVE-2019-8704.

Q: What is the severity of CVE-2019-8704?

CVE-2019-8704 has a severity rating of medium, with a CVSS score of 5.5.

Q: How can I fix CVE-2019-8704?

To fix CVE-2019-8704, update your device to tvOS 13.

Published Sep 19, 2019

Updated

An authentication issue was addressed with improved state management. This issue is fixed in tvOS 13. A local user may be able to leak sensitive user information.

Other sources

Keyboards. An authentication issue was addressed with improved state management.

Credit

王邦宇 (wAnyBug.Com)(SAINTSEC)

Affected Software

4 affected componentsFixes available

tvOS<13

Apple iOS and iPadOS<13

iPhone OS<13.0

tvOS<13

Event History

Dec 18, 2019

CVE Published

via MITRE·05:33 PM

Data Sourced

via MITRE·05:33 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Frequently Asked Questions

What is CVE-2019-8704?

CVE-2019-8704 is an authentication issue that was addressed with improved state management.

Is CVE-2019-8704 fixed?

Yes, CVE-2019-8704 is fixed in tvOS 13.

Who is affected by CVE-2019-8704?

Users of Apple iPhone OS and Apple tvOS versions up to 13 are affected by CVE-2019-8704.

What is the severity of CVE-2019-8704?