CVE-2019-8747: Critical severity tvos vulnerability

Q: What is the severity of CVE-2019-8747?

The severity of CVE-2019-8747 is critical with a CVSS score of 7.8.

Q: Which Apple products are affected by CVE-2019-8747?

CVE-2019-8747 affects watchOS (up to version 6.1), tvOS (up to version 13), iOS (up to version 13.1), and iPadOS (up to version 13.1).

Q: How can an attacker exploit the vulnerability in CVE-2019-8747?

An attacker can exploit CVE-2019-8747 by executing arbitrary code with kernel privileges.

Q: How can I fix CVE-2019-8747?

CVE-2019-8747 is fixed in watchOS 6.1. Ensure you have updated to the latest version of watchOS or the affected software.

Q: Where can I find more information about CVE-2019-8747?

You can find more information about CVE-2019-8747 on the Apple support page: https://support.apple.com/en-us/HT210724

Published Sep 24, 2019

Updated

AppleFirmwareUpdateKext. A memory corruption vulnerability was addressed with improved locking.

Other sources

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges.

Credit

Mohamed Ghannam@@_simo36, Mohamed Ghannam@@_simo36, Mohamed Ghannam@@_simo36

Affected Software

5 affected componentsFixes available

Apple tvOS<13

Apple WatchOS<6.1

6.1

Apple WatchOS<6.1

Apple iOS<13.1

13.1

Apple iPadOS<13.1

13.1

Event History

Dec 18, 2019

CVE Published

via MITRE·05:33 PM

Data Sourced

via MITRE·05:33 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is the severity of CVE-2019-8747?

The severity of CVE-2019-8747 is critical with a CVSS score of 7.8.

Which Apple products are affected by CVE-2019-8747?