CVE-2019-8805
First published: Tue Oct 29 2019(Updated: )
A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Catalina 10.15.1. An application may be able to execute arbitrary code with system privileges.
Credit: product-security@apple.com Scott Knight @sdotknight VMware Carbon Black TAU
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Mac OS X | <10.15.1 | |
| Apple macOS Catalina | <10.15.1 | 10.15.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2019-8787
- CVE-2019-8796
- CVE-2019-8748
- CVE-2019-11041
- CVE-2019-11042
- CVE-2019-8824
- CVE-2019-8803
- CVE-2019-8817
- CVE-2019-8716
- CVE-2019-8788
- CVE-2019-8706
- CVE-2019-8785
- CVE-2019-8797
- CVE-2019-8850
- CVE-2019-8789
- CVE-2017-7152
- CVE-2019-8592
- CVE-2019-8705
- CVE-2019-8825
- CVE-2019-8736
- CVE-2019-8767
- CVE-2019-8737
- CVE-2019-8509
- CVE-2019-8798
- CVE-2019-8746
- CVE-2018-12152
- CVE-2018-12153
- CVE-2018-12154
- CVE-2019-8784
- CVE-2019-8807
- CVE-2019-8759
- CVE-2019-8801
- CVE-2019-8709
- CVE-2019-8794
- CVE-2019-8717
- CVE-2019-8786
- CVE-2019-8744
- CVE-2019-8829
- CVE-2019-8749
- CVE-2019-8756
- CVE-2019-8750
- CVE-2019-8802
- CVE-2019-8772
- CVE-2019-8708
- CVE-2019-8715
- CVE-2019-8858
- CVE-2019-8805
- CVE-2019-8754
- CVE-2019-8745
- CVE-2019-8831
- CVE-2019-8761
- CVE-2019-15126
Frequently Asked Questions
What is CVE-2019-8805?
CVE-2019-8805 is a vulnerability that existed in the entitlement verification process in macOS Catalina 10.15.1, allowing an application to execute arbitrary code with system privileges.
How severe is CVE-2019-8805?
CVE-2019-8805 has a severity score of 7.8, which is classified as critical.
Which software versions are affected by CVE-2019-8805?
CVE-2019-8805 affects macOS Catalina up to version 10.15.1.
How was CVE-2019-8805 fixed?
CVE-2019-8805 was fixed by improving the validation of the process entitlement in macOS Catalina 10.15.1.
Where can I find more information about CVE-2019-8805?
You can find more information about CVE-2019-8805 on the Apple support page: https://support.apple.com/HT210722
- collector/nvd-index
- collector/apple-support
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple mac os x
- canonical/apple macos catalina