VDB
CVE-2019-6214
CVE-2019-6214
PUBLISHED
CVSS 8.600000381469727 HIGH
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to break out of its sandbox.
EPSS 8.42% · 92.5th percentile
Risk Scores
CVSS 3.0
8.600000381469727
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS Score
8.42%
92.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | watchOS | unspecified |
| apple | watchos | 0 |
| Apple | tvOS | unspecified |
| Apple | macOS | unspecified |
| Apple | iOS | unspecified |
| apple | tv_os | 0 |
| apple | mac_os_x | 0 |
| apple | iphone_os | 0 |
Exploit Intelligence
- CIRCL seen: CVE-2019-6214 (circl-sighting)
- CIRCL exploited: CVE-2019-6214 (circl-sighting)
- https://support.apple.com/HT209446 (circl)
- https://support.apple.com/HT209443 (circl)
- https://support.apple.com/HT209448 (circl)
- 106739 (circl)
- https://support.apple.com/HT209447 (circl)
- https://www.exploit-db.com/exploits/46298/ (nist-nvd)
- macOS < 10.14.3 / iOS < 12.1.3 - Sandbox Escapes due to Type Confusions and Memory Safety Issu (0day-today)
- macOS < 10.14.3 / iOS < 12.1.3 - Sandbox Escapes due to Type Confusions and Memory Safety Issu (0day-today)
Timeline
- Jan 23, 2019 CVE Published
- Jan 28, 2019 PoC Published
- Jan 31, 2019 PoC Published
- Feb 1, 2019 PoC Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
References
- https://support.apple.com/en-us/HT209451 advisory
- https://support.apple.com/en-us/HT209447 advisory
- https://support.apple.com/en-us/HT209443 advisory
- https://support.apple.com/en-us/HT209449 advisory
- https://support.apple.com/en-us/HT209448 advisory
- https://support.apple.com/en-us/HT209446 advisory
- https://support.apple.com/HT209446 url
- https://support.apple.com/HT209443 url
- 46298 exploit
- https://support.apple.com/HT209448 url
- 106739 vdb
- https://support.apple.com/HT209447 url
- https://nvd.nist.gov/vuln/detail/CVE-2019-6214 advisory
- https://www.exploit-db.com/exploits/46298 url