CVE-2019-6213

HIGH

Apple Iphone OS < 12.1.3 - Memory Corruption

Title source: rule

Description

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. An application may be able to execute arbitrary code with kernel privileges.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · cdosmultiple

https://www.exploit-db.com/exploits/46300

View Code ZIP pw:eip

References (6)

[Third Party Advisory] http://www.securityfocus.com/bid/106739

[Vendor Advisory] https://support.apple.com/HT209443

[Vendor Advisory] https://support.apple.com/HT209446

[Vendor Advisory] https://support.apple.com/HT209447

[Vendor Advisory] https://support.apple.com/HT209448

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/46300/

Scores

CVSS v3 7.8

EPSS 0.0434

EPSS Percentile 89.0%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (4)

apple/iphone_os < 12.1.3

apple/mac_os_x < 10.14.3

apple/tv_os < 12.1.2

apple/watchos < 5.1.3

Published Mar 05, 2019

Tracked Since Feb 18, 2026