BDU:2020-01583

BDU

HighConfirmedExploit available

Уязвимость модуля отображения WebKit операционных систем iOS, tvOS и watchOS, мультимедийного проигрывателя iTunes for Windows, браузера Sa…

CVSS

8.8

High

EPSS

0.00

Published

2020-01-01

Updated

2020-01-01

Description

Уязвимость модуля отображения WebKit операционных систем iOS, tvOS и watchOS, мультимедийного проигрывателя iTunes for Windows, браузера Safari и сервиса iCloud for Windows связана с ошибками преобразования типов данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код

Tags · CWE

Pre-auth

Affected products

Apple inc. IcloudApple inc. IcloudApple inc. IcloudApple inc. IcloudApple inc. IcloudApple inc. IcloudApple inc. IcloudApple inc. ItunesApple inc. ItunesApple inc. ItunesApple inc. ItunesApple inc. ItunesApple inc. ItunesApple inc. ItunesApple inc. SafariApple inc. SafariApple inc. SafariApple inc. SafariApple inc. SafariApple inc. Safari

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Timeline

2020-01-01

Published

2020-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: N

None (N)

User Interaction

UI: R

Required (R)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: H

High (H)

Integrity Impact

I: H

High (H)

Availability Impact

A: H

High (H)

Exploit indicators

EPSS

0.000 · p0

Known exploited (KEV)

Known exploits — Сканер-ВС

46647

exploitdb · https://www.exploit-db.com/exploits/46647

Enterprise

Affected products

Apple

Safari Itunes Icloud

Product	Vendor	Status
icloud	apple inc.	Tracked
icloud	apple inc.	Tracked
icloud	apple inc.	Tracked
icloud	apple inc.	Tracked
icloud	apple inc.	Tracked
icloud	apple inc.	Tracked
icloud	apple inc.	Tracked
itunes	apple inc.	Tracked
itunes	apple inc.	Tracked
itunes	apple inc.	Tracked
itunes	apple inc.	Tracked
itunes	apple inc.	Tracked
itunes	apple inc.	Tracked
itunes	apple inc.	Tracked
safari	apple inc.	Tracked
safari	apple inc.	Tracked
safari	apple inc.	Tracked
safari	apple inc.	Tracked
safari	apple inc.	Tracked
safari	apple inc.	Tracked

Showing first 20 of 21

Source databases

BDU

Related vulnerabilities

CVE-2019-8506

External references

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8506@https://support.apple.com/HT209599@https://support.apple.com/HT209601@https://support.apple.com/HT209602@https://support.apple.com/HT209603@https://support.apple.com/HT209604@https://support.apple.com/HT209605@https://www.suse.com/security/cve/CVE-2019-8506/@https://access.redhat.com/security/cve/cve-2019-8506@https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023@https://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv