CVE-2019-8509 - This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Catalina 10.1

CVE-2019-8509

Summary

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A malicious application may be able to elevate privileges.

References

Vulnerable Configurations

cpe:2.3:o:apple:mac_os_x:10.13.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.4:beta4:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.4:beta4:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 30-10-2020 - 15:14)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

misc

Last major update

30-10-2020 - 15:14

Published

27-10-2020 - 20:15

Last modified

30-10-2020 - 15:14