vulnerability

OS X update for CallKit (CVE-2019-8856)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Dec 11, 2019	Dec 11, 2019	Nov 2, 2020

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Dec 11, 2019

Added

Dec 11, 2019

Modified

Nov 2, 2020

Description

An API issue existed in the handling of outgoing phone calls initiated with Siri. This issue was addressed with improved state handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. Calls made using Siri may be initiated using the wrong cellular plan on devices with two active plans.

Solution

apple-osx-upgrade-10_15_2

References

CVE-2019-8856
https://attackerkb.com/topics/CVE-2019-8856
URL-https://support.apple.com/kb/HT210788

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today