CVE-2019-7287

HIGHCISA KEV

7.8

Description

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges.

CVE Details

CVSS v3.1 Score7.8

SeverityHIGH

CVSS VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack VectorLOCAL

ComplexityLOW

Privileges RequiredNONE

User InteractionREQUIRED

Published12/18/2019

Last Modified10/23/2025

Sourcekev

Honeypot Sightings0

CISA KEV

VendorApple

ProductiOS

Vulnerability NameApple iOS Memory Corruption Vulnerability

KEV Date Added2022-05-23

Remediation Due Date2022-06-13

Ransomware UseUnknown

Affected Products

apple:iphone_os

Weaknesses (CWE)

CWE-787CWE-787

References

https://support.apple.com/HT209520(product-security@apple.com)

https://support.apple.com/HT209520(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-7287(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.