VDB
CVE-2019-7287
CVE-2019-7287
PUBLISHED
KEV
CVSS 9.300000190734863 CRITICAL
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges.
EPSS 4.87% · 89.8th percentile
Risk Scores
CVSS 2.0
9.300000190734863
EPSS Score
4.87%
89.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| apple | iphone_os | 0, 0, 0 |
| Apple | iOS | unspecified |
Exploit Intelligence
- Buffer overflow in ProvInfoIOKitUserClient (Apple iOS) (gpz)
- Buffer overflow in ProvInfoIOKitUserClient (Apple iOS) (gpz)
- Buffer overflow in ProvInfoIOKitUserClient (Apple iOS) (gpz)
- Buffer overflow in ProvInfoIOKitUserClient (Apple iOS) (gpz)
- Buffer overflow in ProvInfoIOKitUserClient (Apple iOS) (gpz)
- Buffer overflow in ProvInfoIOKitUserClient (Apple iOS) (gpz)
- CIRCL seen: CVE-2019-7287 (circl-sighting)
- CIRCL seen: CVE-2019-7287 (circl-sighting)
- CIRCL seen: CVE-2019-7287 (circl-sighting)
- CIRCL seen: CVE-2019-7287 (circl-sighting)
…and 36 more exploits
Timeline
- Aug 24, 2016 VulnCheck KEV Exploitation
- Feb 7, 2019 VulnCheck KEV Exploitation
- Feb 7, 2019 PoC Published
- Feb 8, 2019 CVE Published
- Feb 8, 2019 VulnCheck KEV Exploitation
- Feb 8, 2019 PoC Published
- Oct 9, 2020 PoC Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
References
- https://support.apple.com/HT209520 url
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-7287 url
- https://nvd.nist.gov/vuln/detail/CVE-2019-7287 advisory
- https://support.apple.com/fr-fr/HT209521 advisory
- https://support.apple.com/fr-fr/HT209522 advisory
- https://support.apple.com/kb/HT209520 advisory