First published: Mon May 13 2019(Updated: )
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause arbitrary code execution.
Credit: natashenka Google Project Zeronatashenka Google Project Zero product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iPhone OS | <12.3 | |
Apple tvOS | <12.3 | |
Apple watchOS | <5.2.1 | |
Apple watchOS | <5.2.1 | 5.2.1 |
Apple iOS | <12.3 | 12.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2019-8613 is a use after free vulnerability in the Mail Message Framework that allows a remote attacker to execute arbitrary code.
CVE-2019-8613 impacts Apple devices running iOS 12.3, tvOS 12.3, and watchOS 5.2.1, and it can lead to arbitrary code execution.
To fix CVE-2019-8613, you need to update your device to iOS 12.3, tvOS 12.3, or watchOS 5.2.1.
CVE-2019-8613 has a severity rating of 9.8 (critical).
You can find more information about CVE-2019-8613 on the following references: [Link 1](https://support.apple.com/en-us/HT210118), [Link 2](https://support.apple.com/HT210118), [Link 3](https://support.apple.com/HT210120).