CVE-2019-7286

HIGH KEV

iOS <12.1.4 - Privilege Escalation

Title source: llm

Description

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. An application may be able to gain elevated privileges.

Exploits (1)

exploitdb WORKING POC

by ZecOps · cdosios

https://www.exploit-db.com/exploits/46803

View Code ZIP pw:eip

References (5)

[Vendor Advisory] https://support.apple.com/HT209520

[Vendor Advisory] https://support.apple.com/HT209521

[Vendor Advisory] https://support.apple.com/HT209601

[Vendor Advisory] https://support.apple.com/HT209602

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-7286

Scores

CVSS v3 7.8

EPSS 0.0145

EPSS Percentile 80.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-05-23

VulnCheck KEV 2019-02-07

InTheWild.io 2019-02-07

ENISA EUVD EUVD-2019-16830

CWE

CWE-787

Status published

Products (2)

apple/iphone_os < 12.1.4

apple/mac_os_x < 10.14.3

Published Dec 18, 2019

KEV Added May 23, 2022

Tracked Since Feb 18, 2026