CVE-2019-8805

HIGH

macOS Catalina <10.15.1 - Privilege Escalation

Title source: llm

Description

A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Catalina 10.15.1. An application may be able to execute arbitrary code with system privileges.

Exploits (1)

nomisec WORKING POC 1 stars

by securelayer7 · poc

https://github.com/securelayer7/CVE-2019-8805

View Code ZIP pw:eip

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://support.apple.com/HT210722

Scores

CVSS v3 7.8

EPSS 0.1346

EPSS Percentile 94.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Status published

Products (1)

apple/mac_os_x < 10.15.1

Published Dec 18, 2019

Tracked Since Feb 18, 2026