CVE-2019-8514

HIGH

iPhone OS < 12.2 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-8514. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit leverages a PID reuse vulnerability in macOS (XNU kernel) to spoof audit_tokens, allowing an unprivileged process to impersonate a privileged one during IPC security checks. The attack involves manipulating PID and pidversion to bypass entitlement checks.

Description

A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. An application may be able to gain elevated privileges.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Google Security Research · textdosmultiple
https://www.exploit-db.com/exploits/46648

This exploit leverages a PID reuse vulnerability in macOS (XNU kernel) to spoof audit_tokens, allowing an unprivileged process to impersonate a privileged one during IPC security checks. The attack involves manipulating PID and pidversion to bypass entitlement checks.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Racy
Target: macOS (XNU kernel) up to 10.14.3
No auth needed
Prerequisites: Local access to a macOS system · Ability to compile and execute C code
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/HT209599
Vendor Advisory x_refsource_misc
https://support.apple.com/HT209601
Vendor Advisory x_refsource_misc
https://support.apple.com/HT209600
Vendor Advisory x_refsource_misc
https://support.apple.com/HT209602

Scores

CVSS v3 7.8
EPSS 0.0310
EPSS Percentile 86.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Status published
Products (4)
apple/iphone_os < 12.2
apple/mac_os_x < 10.14.4
apple/tvos < 12.2
apple/watchos < 5.2
Published Dec 18, 2019
Tracked Since Feb 18, 2026