First published: Tue Jan 22 2019(Updated: )
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. Processing maliciously crafted web content may lead to arbitrary code execution.
Credit: product-security@apple.com Georgi Geshev @munmap Fabi Beterke @pwnfl4k3s Rob Miller @trotmaster99 MWR LabsGeorgi Geshev @munmap Fabi Beterke @pwnfl4k3s Rob Miller @trotmaster99 MWR Labs product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iPhone OS | <12.1.3 | |
Apple Mac OS X | <10.14.3 | |
Apple macOS Mojave | <10.14.3 | 10.14.3 |
Apple High Sierra | ||
Apple Sierra | ||
Apple iOS | <12.1.3 | 12.1.3 |
<12.1.3 | ||
<10.14.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2019-6211 is a vulnerability in WebRTC that allows arbitrary code execution by processing maliciously crafted web content.
iOS versions up to but not including 12.1.3 and macOS Mojave versions up to but not including 10.14.3 are affected by CVE-2019-6211.
CVE-2019-6211 has a severity rating of 8.8 (high).
Update your iOS device to version 12.1.3 or later, and update your macOS Mojave to version 10.14.3 or later to fix CVE-2019-6211.
You can find more information about CVE-2019-6211 on the official Apple support page: [https://support.apple.com/HT209443](https://support.apple.com/HT209443)