Symantec Security ResponseSMNTC-111168Apple iOS/tvOS/iPadOS/watchOS/macOS CVE-2019-8848 Privilege Escalation Vulnerability
Description
Apple iOS/tvOS/iPadOS/watchOS/macOS are prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on an affected system.
Technologies Affected
- Apple Ipad Mini-
- Apple TV
- Apple Watch
- Apple iOS 10
- Apple iOS 10.0.1
- Apple iOS 10.1
- Apple iOS 10.2
- Apple iOS 10.2.1
- Apple iOS 10.3
- Apple iOS 10.3.1
- Apple iOS 10.3.2
- Apple iOS 10.3.3
- Apple iOS 11
- Apple iOS 11.1
- Apple iOS 11.2
- Apple iOS 11.2.1
- Apple iOS 11.2.2
- Apple iOS 11.2.5
- Apple iOS 11.2.6
- Apple iOS 11.3
- Apple iOS 11.3.1
- Apple iOS 11.4
- Apple iOS 11.4.1
- Apple iOS 12
- Apple iOS 12.0.1
- Apple iOS 12.1
- Apple iOS 12.1.1
- Apple iOS 12.1.3
- Apple iOS 12.1.4
- Apple iOS 12.2
- Apple iOS 12.3
- Apple iOS 12.4
- Apple iOS 12.4.1
- Apple iOS 13
- Apple iOS 13.1
- Apple iOS 13.2
- Apple iOS 2.0
- Apple iOS 2.1
- Apple iOS 3
- Apple iOS 3.0
- Apple iOS 3.1
- Apple iOS 3.2
- Apple iOS 3.2.1
- Apple iOS 3.2.2
- Apple iOS 4
- Apple iOS 4
- Apple iOS 4.0.1
- Apple iOS 4.0.2
- Apple iOS 4.1
- Apple iOS 4.2
- Apple iOS 4.2.1
- Apple iOS 4.2.10
- Apple iOS 4.2.5
- Apple iOS 4.2.6
- Apple iOS 4.2.7
- Apple iOS 4.2.8
- Apple iOS 4.2.9
- Apple iOS 4.3
- Apple iOS 4.3.1
- Apple iOS 4.3.2
- Apple iOS 4.3.3
- Apple iOS 4.3.4
- Apple iOS 4.3.5
- Apple iOS 5
- Apple iOS 5
- Apple iOS 5.0.1
- Apple iOS 5.1
- Apple iOS 5.1.1
- Apple iOS 6
- Apple iOS 6.0.1
- Apple iOS 6.0.2
- Apple iOS 6.1
- Apple iOS 6.1.3
- Apple iOS 6.1.4
- Apple iOS 6.1.6
- Apple iOS 6.3.1
- Apple iOS 7
- Apple iOS 7.0.1
- Apple iOS 7.0.2
- Apple iOS 7.0.3
- Apple iOS 7.0.4
- Apple iOS 7.0.5
- Apple iOS 7.0.6
- Apple iOS 7.1
- Apple iOS 7.1.1
- Apple iOS 7.1.2
- Apple iOS 7.2.0
- Apple iOS 8
- Apple iOS 8.1
- Apple iOS 8.1.1
- Apple iOS 8.1.2
- Apple iOS 8.1.3
- Apple iOS 8.2
- Apple iOS 8.3
- Apple iOS 8.4
- Apple iOS 8.4.1
- Apple iOS 9
- Apple iOS 9.0.1
- Apple iOS 9.0.2
- Apple iOS 9.1
- Apple iOS 9.2
- Apple iOS 9.2.1
- Apple iOS 9.3
- Apple iOS 9.3.1
- Apple iOS 9.3.2
- Apple iOS 9.3.3
- Apple iOS 9.3.4
- Apple iOS 9.3.5
- Apple iPad Air
- Apple iPadOS 13.1
- Apple iPadOS 13.2
- Apple iPhone
- Apple iPod Touch
- Apple macOS 10.13.6
- Apple macOS 10.14.6
- Apple macOS 10.15
- Apple tvOS 10
- Apple tvOS 10.0.1
- Apple tvOS 10.1
- Apple tvOS 10.1.1
- Apple tvOS 10.2
- Apple tvOS 10.2.1
- Apple tvOS 10.2.2
- Apple tvOS 11
- Apple tvOS 11.1
- Apple tvOS 11.2
- Apple tvOS 11.2.1
- Apple tvOS 11.2.5
- Apple tvOS 11.2.6
- Apple tvOS 11.4
- Apple tvOS 11.4.1
- Apple tvOS 12
- Apple tvOS 12.1.1
- Apple tvOS 12.1.2
- Apple tvOS 12.2.1
- Apple tvOS 12.3
- Apple tvOS 12.4
- Apple tvOS 12.4.1
- Apple tvOS 13
- Apple tvOS 13.2
- Apple tvOS 9.0
- Apple tvOS 9.1
- Apple tvOS 9.1.1
- Apple tvOS 9.2
- Apple tvOS 9.2.1
- Apple tvOS 9.2.2
- Apple watchOS 1.0
- Apple watchOS 1.0.1
- Apple watchOS 10.1.1
- Apple watchOS 12.4
- Apple watchOS 2.0
- Apple watchOS 2.0.1
- Apple watchOS 2.1
- Apple watchOS 2.2
- Apple watchOS 2.2.1
- Apple watchOS 2.2.2
- Apple watchOS 3
- Apple watchOS 3.0
- Apple watchOS 3.1
- Apple watchOS 3.1.1
- Apple watchOS 3.1.3
- Apple watchOS 3.2
- Apple watchOS 3.2.1
- Apple watchOS 3.2.2
- Apple watchOS 3.2.3
- Apple watchOS 4
- Apple watchOS 4.1
- Apple watchOS 4.2
- Apple watchOS 4.2.2
- Apple watchOS 4.2.3
- Apple watchOS 4.3
- Apple watchOS 4.3.1
- Apple watchOS 4.3.2
- Apple watchOS 5
- Apple watchOS 5.1.2
- Apple watchOS 5.1.3
- Apple watchOS 5.2.1
- Apple watchOS 5.3
- Apple watchOS 6.1
Recommendations
Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of successful exploits.
Run all software as a nonprivileged user with minimal access rights.
To reduce the impact of latent vulnerabilities, run all applications with the minimal amount of privileges required for functionality.
Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.
Do not accept or execute files from untrusted or unknown sources.
To reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.
Evaluate read, write, and execute permissions on all newly installed software.
To limit exposure to these and other latent vulnerabilities, evaluate setgid and setuid settings on all installed applications.
Updates are available. Please see the references or vendor advisory for more information.
Related
