First published: Mon Jul 22 2019(Updated: )
The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A user may inadvertently complete an in-app purchase while on the lock screen.
Credit: Jeff Braswell (JeffBraswell.com) Jeff Braswell (JeffBraswell.com) product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iPhone OS | <12.4 | |
Apple watchOS | <5.3 | |
Apple watchOS | <5.3 | 5.3 |
Apple iOS | <12.4 | 12.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The vulnerability ID for this issue is CVE-2019-8682.
The severity level of CVE-2019-8682 is low.
This vulnerability can be fixed by updating to iOS 12.4 and watchOS 5.3.
The impact of CVE-2019-8682 is that a user may inadvertently complete an in-app purchase while on the lock screen.
You can find more information about CVE-2019-8682 on Apple's official support page: [link](https://support.apple.com/en-us/HT210353)