First published: Thu Sep 19 2019(Updated: )
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 10.7, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.
Credit: Found by GWP-ASan in Google Chrome Found by GWP-ASan in Google Chrome Found by GWP-ASan in Google Chrome Found by GWP-ASan in Google Chrome Found by GWP-ASan in Google Chrome Found by GWP-ASan in Google Chrome product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iTunes for Windows | <12.10.1 | 12.10.1 |
Apple iCloud for Windows | <7.14 | 7.14 |
Apple iCloud for Windows | <10.7 | 10.7 |
Apple macOS Catalina | <10.15 | 10.15 |
Apple macOS Catalina | <10.15.1 | 10.15.1 |
Apple iOS | <13 | 13 |
Apple Icloud Windows | <7.14 | |
Apple Icloud Windows | >=10.0<10.7 | |
Apple Itunes Windows | <12.10.1 | |
Apple iPhone OS | <13.3 | |
Apple Mac OS X | <10.15.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
CVE-2019-8825 is a memory corruption vulnerability in CoreMedia that has been fixed in various Apple products.
macOS Catalina 10.15, iOS 13, iCloud for Windows 10.7, macOS Catalina 10.15.1, Security Update 2019-001, Security Update 2019-006, iCloud for Windows 7.14, and iTunes 12.10.1 for Windows are affected by CVE-2019-8825.
CVE-2019-8825 has a severity rating of 8.8 (high).
To fix CVE-2019-8825, update to macOS Catalina 10.15.1, iOS 13, iCloud for Windows 10.7, macOS Catalina 10.15.1, Security Update 2019-001, Security Update 2019-006, iCloud for Windows 7.14, or iTunes 12.10.1 for Windows.
You can find more information about CVE-2019-8825 on the Apple support page: [CVE-2019-8825](https://support.apple.com/en-us/HT210722)