CVE-2019-7287
CVE-2019-7287
In short
A flaw in iOS 12.1.4 allows an app to run malicious code with the highest system privileges, potentially taking complete control of your device. This happens because the system didn't properly validate certain inputs before using them.
Technical detail
Memory corruption vulnerability in iOS 12.1.4 (CWE-787: out-of-bounds write) allowing arbitrary code execution with kernel privileges. Exploitation requires a malicious app with no special permissions; the vulnerability is triggered through improper input validation during memory operations.
Summary generated and translated by AI from the official description.
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
Apple · iOSWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →