First published: Mon May 13 2019(Updated: )
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service.
Credit: natashenka Google Project Zeronatashenka Google Project Zero product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iPhone OS | <12.3 | |
Apple watchOS | <5.2.1 | |
Apple watchOS | <5.2.1 | 5.2.1 |
Apple iOS | <12.3 | 12.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The vulnerability ID for this issue is CVE-2019-8626.
The severity of CVE-2019-8626 is medium with a CVSS score of 6.5.
iOS versions up to but excluding 12.3, and watchOS versions up to but excluding 5.2.1 are affected by CVE-2019-8626.
To fix CVE-2019-8626, update to iOS 12.3 or later, or update to watchOS 5.2.1 or later.
Exploiting CVE-2019-8626 can lead to a denial of service by processing a maliciously crafted message.