CVE-2019-8565
Apple Mac OS X - Feedback Assistant Race Condition
Severity Score
7
*CVSS v3.1
Exploit Likelihood
28.7%
*EPSS
Affected Versions
2
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A race condition was addressed with additional validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to gain root privileges.
Una condición de carrera se abordó con comprobación adicional. Este problema es corregido en iOS versión 12.2, macOS Mojave versión 10.14.4. Una aplicación maliciosa puede alcanzar privilegios root.
macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra are now available and addresses buffer overflow, bypass, and code execution vulnerabilities.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-02-18 CVE Reserved
- 2019-03-26 CVE Published
- 2019-05-22 First Exploit
- 2024-08-04 CVE Updated
- 2025-03-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
References (7)
| URL | Date | SRC |
|---|---|---|
| https://packetstorm.news/files/id/152996 | 2019-05-22 | |
| https://www.exploit-db.com/exploits/46914 | 2019-05-23 |
1 - 2 of 2
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.apple.com/HT209599 | 2019-12-20 | |
| https://support.apple.com/HT209600 | 2019-12-20 |
1 - 2 of 2