Apple: >> Iphone Os >> 1.0.1 Security Vulnerabilities
The issue was addressed with improved validation on the FaceTime server. This issue is fixed in macOS Mojave 10.14.3 Supplemental Update, iOS 12.1.4. A thorough security audit of the FaceTime service uncovered an issue with Live Photos .
CVSS Score
9.8
EPSS Score
0.005
Published
2020-10-27
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges.
CVSS Score
6.7
EPSS Score
0.001
Published
2020-10-27
A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges.
CVSS Score
6.7
EPSS Score
0.001
Published
2020-10-27
A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in watchOS 5.2, iOS 12.2. A malicious application may be able to access restricted files.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-10-27
This issue was addressed with a new entitlement. This issue is fixed in iOS 12.1. A local user may be able to read a persistent device identifier.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-10-27
A resource exhaustion issue was addressed with improved input validation. This issue is fixed in tvOS 12.1, iOS 12.1. Processing a maliciously crafted message may lead to a denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-10-27
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a maliciously crafted text message may lead to UI spoofing.
CVSS Score
5.5
EPSS Score
0.002
Published
2020-10-27
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a maliciously crafted text message may lead to UI spoofing.
CVSS Score
5.5
EPSS Score
0.002
Published
2020-10-27
A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 12.1.1. A local attacker may be able to share items from the lock screen.
CVSS Score
7.1
EPSS Score
0.001
Published
2020-10-27
A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, watchOS 5, iOS 12, tvOS 12, macOS Mojave 10.14. A malicious application may be able to modify protected parts of the file system.
CVSS Score
5.5
EPSS Score
0.003
Published
2020-10-27