CVE-2019-7287

Known Exploited (CISA KEV)HIGH

7.8

CVSS Severity Score

EPSS Score86.0340%

EPSS Percentile97.23th

PublishedDec 18, 2019

Last ModifiedOct 23, 2025

Vulnerability Description

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges.

Affected Platforms (CPE)

💻

Apple

Iphone Os

< 12.1.4

References & Advisories

🔗 https://support.apple.com/HT209520

🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-7287

Related Vulnerabilities

CVE-2008-421110.0

Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iP...

CVE-2009-220410.0

Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitr...

CVE-2008-230310.0

Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitra...

CVE-2010-111910.0

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on ...