CyberSec.Space Logo
Back to CVE Browser

CVE-2019-8605

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score62.1630%
EPSS Percentile96.31th
PublishedDec 18, 2019
Last ModifiedOct 23, 2025

Vulnerability Description

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to execute arbitrary code with system privileges.

Affected Platforms (CPE)

πŸ’»
Apple

Iphone Os

< 12.3
πŸ’»
Apple

Mac Os X

< 10.14.5
πŸ’»
Apple

Tvos

< 12.3
πŸ’»
Apple

Watchos

< 5.2.1

References & Advisories

πŸ”— https://support.apple.com/HT210118
πŸ”— https://support.apple.com/HT210119
πŸ”— https://support.apple.com/HT210120
πŸ”— https://support.apple.com/HT210122
πŸ”— https://support.apple.com/HT210118
πŸ”— https://support.apple.com/HT210119
πŸ”— https://support.apple.com/HT210120
πŸ”— https://support.apple.com/HT210122

Related Vulnerabilities

CVE-2008-421110.0

Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iP...

CVE-2009-220410.0

Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitr...

CVE-2008-230310.0

Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitra...

CVE-2010-111910.0

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on ...