CVE-2019-8853: Input Validation
First published: Tue Dec 10 2019(Updated: )
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to read restricted memory.
Credit: Jianjun Dai Qihoo 360 Alpha Lab product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| macOS Catalina | <10.15.2 | 10.15.2 |
| macOS Mojave | ||
| macOS High Sierra | ||
| Apple iOS and macOS | <10.15.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT210788 (Advisory)
- https://support.apple.com/en-us/HT211100 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2019-8837
- CVE-2019-8853
- CVE-2019-8856
- CVE-2019-8848
- CVE-2019-8834
- CVE-2019-8842
- CVE-2019-8839
- CVE-2019-8830
- CVE-2019-8851
- CVE-2019-8833
- CVE-2019-8828
- CVE-2019-8838
- CVE-2019-8847
- CVE-2019-8852
- CVE-2019-15903
- CVE-2020-9782
- CVE-2012-1164
- CVE-2012-2668
- CVE-2013-4449
- CVE-2015-1545
- CVE-2019-13057
- CVE-2019-13565
- CVE-2019-8832
- CVE-2017-16808
- CVE-2018-10103
- CVE-2018-10105
- CVE-2018-14461
- CVE-2018-14462
- CVE-2018-14463
- CVE-2018-14464
- CVE-2018-14465
- CVE-2018-14466
- CVE-2018-14467
- CVE-2018-14468
- CVE-2018-14469
- CVE-2018-14470
- CVE-2018-14879
- CVE-2018-14880
- CVE-2018-14881
- CVE-2018-14882
- CVE-2018-16227
- CVE-2018-16228
- CVE-2018-16229
- CVE-2018-16230
- CVE-2018-16300
- CVE-2018-16301
- CVE-2018-16451
- CVE-2018-16452
- CVE-2019-15166
- CVE-2019-15167
- CVE-2019-15126
- CVE-2020-9772
- CVE-2020-3903
- CVE-2020-3904
- CVE-2020-3883
- CVE-2020-6616
- CVE-2020-9853
- CVE-2020-3907
- CVE-2020-3908
- CVE-2020-3912
- CVE-2020-9779
- CVE-2020-3892
- CVE-2020-3893
- CVE-2020-3905
- CVE-2020-9776
- CVE-2020-9828
- CVE-2020-3913
- CVE-2020-9829
- CVE-2020-3898
- CVE-2020-3881
- CVE-2020-3886
- CVE-2019-14615
- CVE-2020-3919
- CVE-2020-3851
- CVE-2020-3896
- CVE-2020-3914
- CVE-2020-9785
- CVE-2020-3909
- CVE-2020-3911
- CVE-2020-3910
- CVE-2020-3884
- CVE-2020-3915
- CVE-2020-9775
- CVE-2020-9771
- CVE-2020-3918
- CVE-2019-19232
- CVE-2020-9786
- CVE-2020-3906
- CVE-2020-3889
- CVE-2020-9769
- CVE-2020-9787
- CVE-2020-3902
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2019-8853.
What is the title of the vulnerability?
The title of the vulnerability is Bluetooth. A validation issue was addressed with improved input sanitization.
What is the affected software?
The affected software includes macOS Catalina 10.15.4, Mojave, and High Sierra.
How was the vulnerability addressed?
The vulnerability was addressed by implementing improved input sanitization.
Where can I find more information about this vulnerability?
More information about this vulnerability can be found at the following references: [link1], [link2].
- agent/type
- agent/first-publish-date
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/apple-support
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/apple
- canonical/macos catalina
- canonical/macos mojave
- canonical/macos high sierra
- canonical/apple ios and macos