CVE-2019-8830
FaceTime _RSU_DecodeByteBuffer Out-Of-Bounds Read
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iOS 12.4.4, watchOS 5.3.4. Processing malicious video via FaceTime may lead to arbitrary code execution.
Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema se corrigió en tvOS versión 13.3, watchOS versión 6.1.1, macOS Catalina versión 10.15.2, Security Update 2019-002 Mojave y Security Update 2019-007 High Sierra, iOS versión 13.3 y iPadOS versión 13.3, iOS versión 12.4.4, watchOS versión 5.3.4 . El procesamiento de videos maliciosos por medio de FaceTime puede conllevar a una ejecución de código arbitraria
FaceTime suffers from an out-of-bounds read vulnerability in _RSU_DecodeByteBuffer.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-02-18 CVE Reserved
- 2019-12-12 CVE Published
- 2023-07-13 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (6)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.apple.com/en-us/HT210785 | 2020-10-30 | |
| https://support.apple.com/en-us/HT210787 | 2020-10-30 | |
| https://support.apple.com/en-us/HT210788 | 2020-10-30 | |
| https://support.apple.com/en-us/HT210789 | 2020-10-30 | |
| https://support.apple.com/en-us/HT210790 | 2020-10-30 | |
| https://support.apple.com/en-us/HT210791 | 2020-10-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apple Search vendor "Apple" | Ipados Search vendor "Apple" for product "Ipados" | < 13.3 Search vendor "Apple" for product "Ipados" and version " < 13.3" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | < 13.3 Search vendor "Apple" for product "Iphone Os" and version " < 13.3" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | >= 12.0.0 < 12.4.4 Search vendor "Apple" for product "Iphone Os" and version " >= 12.0.0 < 12.4.4" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | < 10.15.2 Search vendor "Apple" for product "Mac Os X" and version " < 10.15.2" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Tvos Search vendor "Apple" for product "Tvos" | < 13.3 Search vendor "Apple" for product "Tvos" and version " < 13.3" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Watchos Search vendor "Apple" for product "Watchos" | < 5.3.4 Search vendor "Apple" for product "Watchos" and version " < 5.3.4" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Watchos Search vendor "Apple" for product "Watchos" | >= 6.0.0 < 6.1.1 Search vendor "Apple" for product "Watchos" and version " >= 6.0.0 < 6.1.1" | - |
Affected
| ||||||