CVE-2019-8852

HIGH

macOS < 10.15.2 - Out-of-bounds Write

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-8852. PoCs published by pattern-f.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2019-8852, a tfp0 bug affecting macOS 10.15.1 and below. The exploit leverages a use-after-free (UAF) vulnerability to achieve kernel memory manipulation, tested on macOS 10.14.6.

Description

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to execute arbitrary code with kernel privileges.

Exploits (1)

nomisec WORKING POC 13 stars

by pattern-f · poc

https://github.com/pattern-f/CVE-2019-8852

View Code ZIP pw:eip

This repository contains a proof-of-concept exploit for CVE-2019-8852, a tfp0 bug affecting macOS 10.15.1 and below. The exploit leverages a use-after-free (UAF) vulnerability to achieve kernel memory manipulation, tested on macOS 10.14.6.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Complex

Reliability

Racy

Target: macOS 10.15.1 and below

No auth needed

Prerequisites: macOS 10.15.1 or below · Local access to the target system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Release Notes, Vendor Advisory x_refsource_misc

https://support.apple.com/en-us/HT210788

Scores

CVSS v3 7.8

EPSS 0.0479

EPSS Percentile 89.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-787

Status published

Products (1)

apple/mac_os_x < 10.15.2

Published Oct 27, 2020

Tracked Since Feb 18, 2026