Lucene search
Lilang Wu and Moony Li of TrendMicro Mobile Security Research TeamZDI-19-538HistoryMay 30, 2019 - 12:00 a.m.
Apple macOS IOAccelSharedUserClient2 Untrusted Pointer Dereference Privilege Escalation Vulnerability
2019-05-3000:00:00
Lilang Wu and Moony Li of TrendMicro Mobile Security Research Team
www.zerodayinitiative.com
15
EPSS
0
Percentile
15.9%
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the IOAccelSharedUserClient2 call. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.
References
Related
cve
cve
CVE-2019-8616
2019-12-18 18:15:29
prion
prion
Memory corruption
2019-12-18 18:15:00
nvd
nvd
CVE-2019-8616
2019-12-18 18:15:29
cvelist
cvelist
CVE-2019-8616
2019-12-18 17:33:19
openvas
openvas
Apple Mac OS X Security Updates (HT210119) - 01
2019-05-14 00:00:00
nessus
nessus
macOS and Mac OS X Multiple Vulnerabilities (Security Update 2019-003)
2019-05-15 00:00:00
macOS 10.x < 10.14.5 Multiple Vulnerabilities (APPLE-SA-2019-05-09)
2019-05-16 00:00:00
macOS 10.14.x < 10.14.5 Multiple Vulnerabilities
2019-05-15 00:00:00
apple
apple