CVE-2019-8781

HIGH

macOS < 10.15 - Out-of-bounds Write

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2019-8781. PoCs published by A2nkF, TrungNguyen1909.

AI-analyzed exploit summary This is a functional privilege escalation exploit for CVE-2019-8781 targeting macOS Mojave kernels. It leverages a kernel vulnerability to disable SMEP and escalate privileges to root by manipulating kernel structures and ROP chains.

Description

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with kernel privileges.

Exploits (2)

nomisec WORKING POC 293 stars
by A2nkF · poc
https://github.com/A2nkF/macOS-Kernel-Exploit

This is a functional privilege escalation exploit for CVE-2019-8781 targeting macOS Mojave kernels. It leverages a kernel vulnerability to disable SMEP and escalate privileges to root by manipulating kernel structures and ROP chains.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Reliable
Target: macOS Mojave (Darwin Kernel Version 18.7.0)
No auth needed
Prerequisites: KASLR slide value · SMAP disabled (macs before 2015 or with `-pmap_smap_disable` boot arg) · Xcode <= 9.4.1 for 32-bit compilation
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 2 stars
by TrungNguyen1909 · poc
https://github.com/TrungNguyen1909/CVE-2019-8781-macOS

This is a working privilege escalation exploit for CVE-2019-8781 on macOS, leveraging a kernel memory corruption vulnerability to elevate privileges to root and spawn a shell. The exploit bypasses SMEP and manipulates kernel structures to achieve arbitrary code execution in kernel mode.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Reliable
Target: macOS versions before 10.15.0
No auth needed
Prerequisites: macOS 10.14.6 or earlier · Kernel ASLR slide value · Xcode 9.4.1 Command Line Tools
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/HT210634

Scores

CVSS v3 7.8
EPSS 0.0325
EPSS Percentile 86.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (1)
apple/mac_os_x < 10.15
Published Dec 18, 2019
Tracked Since Feb 18, 2026