The version of Apple iOS running on the mobile device is prior to 12.4.1. It is, therefore, affected by a privilege escalation vulnerability. An unauthenticated, remote attacker can exploit this, via a malicious application, to execute arbitrary code with system privileges.
{"id": "APPLE_IOS_1241_CHECK.NBIN", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Apple iOS < 12.4.1 Privilege Escalation Vulnerability", "description": "The version of Apple iOS running on the mobile device is prior to 12.4.1. It is, therefore, affected by a privilege escalation vulnerability. An unauthenticated, remote attacker can exploit this, via a malicious application, to execute arbitrary code with system privileges.", "published": "2019-08-26T00:00:00", "modified": "2023-05-31T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/128150", "reporter": "This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8605", "https://support.apple.com/en-us/HT210549"], "cvelist": [], "immutableFields": [], "lastseen": "2023-06-01T14:38:27", "viewCount": 81, "enchantments": {"dependencies": {"references": []}, "score": {"value": 5.8, "vector": "NONE"}, "backreferences": {"references": [{"type": "apple", "idList": ["APPLE:0B002AB816638E74B596AA40B55E1D50", "APPLE:1E452AB09BD018501C8ED03BD6811E97", "APPLE:466BEDED69CFA24057993B0F7E611178", "APPLE:94AE87E523DE7DA7141C877658AAFAAF", "APPLE:HT210122", "APPLE:HT210548", "APPLE:HT210549", "APPLE:HT210550"]}, {"type": "cve", "idList": ["CVE-2019-8605"]}, {"type": "exploitdb", "idList": ["EDB-ID:46892"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:A949B008F38AEF72665598CB7C12FD89"]}, {"type": "githubexploit", "idList": ["44DF7B65-442B-571C-BC5C-3C4356DFE2BF"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:0A90A47458C0D2B6B85F5BC6C0105ECC", "GOOGLEPROJECTZERO:37170621F78D33B9DDE68A73E0A16294", "GOOGLEPROJECTZERO:484F15FB833183203B1090176F5B292A"]}, {"type": "nessus", "idList": ["APPLETV_12_3.NASL", "APPLETV_12_4_1.NASL", "MACOSX_SECUPD2019-003.NASL", "MACOS_10_14_5.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310813197", "OPENVAS:1361412562310814888"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:152993"]}, {"type": "thn", "idList": ["THN:38E80608368A67C138D1E4D8187D2AA3", "THN:79F83648DEAA2E305471E325D6B2DE48", "THN:BC46175420BE934D07B4CB081F495CCB"]}, {"type": "threatpost", "idList": ["THREATPOST:B8AF83007523DF3B48792EDBDB3DB079", "THREATPOST:CBFAA2319AF4281EC1DD5C4682601942", "THREATPOST:DCE54029E2039178B6F2685D0BF8C518", "THREATPOST:FF3CF3FA3B1ABB90E090DC157C18D35C"]}, {"type": "zdt", "idList": ["1337DAY-ID-32762"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2019-8605", "epss": 0.00133, "percentile": 0.47064, "modified": "2023-05-07"}], "vulnersScore": 5.8}, "_state": {"dependencies": 1685635868, "score": 1685631629, "epss": 0}, "_internal": {"score_hash": "04ff37916182f586b95e11216926d1c4"}, "pluginID": "128150", "sourceData": "Binary data apple_ios_1241_check.nbin", "naslFamily": "Mobile Devices", "cpe": ["cpe:/o:apple:iphone_os"], "solution": "Upgrade to Apple iOS version 12.4.1 or later", "nessusSeverity": "High", "cvssScoreSource": "CVE-2019-8605", "vendor_cvss2": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "vpr": {"risk factor": "High", "score": "7.4"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2019-08-26T00:00:00", "vulnerabilityPublicationDate": "2019-08-26T00:00:00", "exploitableWith": []}
Apple iOS < 12.4.1 Privilege Escalation Vulnerability