NVD Vulnerability Detail

CVE-2019-8612

Summary	A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, tvOS 12.3, watchOS 5.2.1, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. An attacker in a privileged network position can modify driver state.
Publication Date	Oct. 28, 2020, 5:15 a.m.
Registration Date	Jan. 26, 2021, 11:44 a.m.
Last Update	Nov. 21, 2024, 1:50 p.m.

Affected software configurations

Related information, measures and tools

No	URL	タグ
1	https://support.apple.com/en-us/HT209600	Vendor Advisory
2	https://support.apple.com/en-us/HT210118	Vendor Advisory
3	https://support.apple.com/en-us/HT210119	Vendor Advisory
4	https://support.apple.com/en-us/HT210120	Vendor Advisory
5	https://support.apple.com/en-us/HT210122	Vendor Advisory
6	https://support.apple.com/en-us/HT209600	Vendor Advisory
7	https://support.apple.com/en-us/HT210122	Vendor Advisory
8	https://support.apple.com/en-us/HT210120	Vendor Advisory
9	https://support.apple.com/en-us/HT210119	Vendor Advisory
10	https://support.apple.com/en-us/HT210118	Vendor Advisory

Common Vulnerabilities List

JVN Vulnerability Information

複数の Apple 製品におけるロジックの脆弱性

Title	複数の Apple 製品におけるロジックの脆弱性
Summary	複数の Apple 製品には、ステート管理に不備があるため、ロジックの脆弱性が存在します。
Possible impacts	ネットワーク上の特権的な地位にある攻撃者により、ドライバの状態を変更される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	March 25, 2019, midnight
Registration Date	March 4, 2021, 3:41 p.m.
Last Update	March 4, 2021, 3:41 p.m.

Affected System

アップル

Apple Mac OS X 10.12.6

Apple Mac OS X 10.13.6

Apple Mac OS X 10.14.4

iOS 12.3 未満 (iPad Air 以降)

iOS 12.3 未満 (iPhone 5s 以降)

iOS 12.3 未満 (iPod touch 第 6 世代)

tvOS 12.3 未満 (Apple TV 4K)

tvOS 12.3 未満 (Apple TV HD)

watchOS 5.2.1 未満 (Apple Watch Series 1 以降)

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2019-8612	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8612
National Vulnerability Database (NVD)
2	CVE-2019-8612	https://nvd.nist.gov/vuln/detail/CVE-2019-8612

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-noinfo	https://www.ipa.go.jp/security/vuln/CWE.html#CWEnoinfo

ベンダー情報

No	Name	URL
Apple Security Updates
1	HT209600	https://support.apple.com/en-us/HT209600
2	HT210118	https://support.apple.com/en-us/HT210118
3	HT210119	https://support.apple.com/en-us/HT210119
4	HT210120	https://support.apple.com/en-us/HT210120
5	HT210122	https://support.apple.com/en-us/HT210122
Apple セキュリティアップデート
6	HT209600	https://support.apple.com/ja-jp/HT209600
7	HT210118	https://support.apple.com/ja-jp/HT210118
8	HT210119	https://support.apple.com/ja-jp/HT210119
9	HT210120	https://support.apple.com/ja-jp/HT210120
10	HT210122	https://support.apple.com/ja-jp/HT210122

その他

No	Name	URL
JVN
1	JVNVU#93236010	http://jvn.jp/vu/JVNVU93236010/index.html
2	JVNVU#93988385	http://jvn.jp/vu/JVNVU93988385/index.html

Change Log

No	Changed Details	Date of change
1	[2021年03月04日] 掲載	March 4, 2021, 3:41 p.m.