CVE-2019-6224

HIGH

iPhone OS < 12.1.3, macOS < 10.14.3, tvOS < 12.1.2, watchOS < 5.1.3 - Remote Code Execution via FaceTime Call

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-6224. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a memory corruption vulnerability in FaceTime (CVE-2019-6224) triggered by a malformed RTP video stream, leading to a crash in CoreVideo. The PoC involves patching system binaries to inject malicious libraries and reproduce the issue.

Description

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosmacos

https://www.exploit-db.com/exploits/46433

View Code ZIP pw:eip

This exploit demonstrates a memory corruption vulnerability in FaceTime (CVE-2019-6224) triggered by a malformed RTP video stream, leading to a crash in CoreVideo. The PoC involves patching system binaries to inject malicious libraries and reproduce the issue.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Apple FaceTime on iOS 12.1.1 and macOS 10.13.6

No auth needed

Prerequisites: Physical or remote access to the target device · Ability to modify system binaries and sandbox profiles · Malicious RTP stream

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Vendor Advisory x_refsource_confirm

https://support.apple.com/HT209446

Vendor Advisory x_refsource_confirm

https://support.apple.com/HT209443

Vendor Advisory x_refsource_confirm

https://support.apple.com/HT209448

Third Party Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/106739

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/46433/

Vendor Advisory x_refsource_confirm

https://support.apple.com/HT209447

Scores

CVSS v3 8.8

EPSS 0.0897

EPSS Percentile 94.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (4)

apple/iphone_os < 12.1.3

apple/mac_os_x < 10.14.3

apple/tv_os < 12.1.2

apple/watchos < 5.1.3

Published Mar 05, 2019

Tracked Since Feb 18, 2026