ID

VAR-201912-0127


CVE

CVE-2019-8760


TITLE

iOS Vulnerabilities related to cryptographic strength

Trust: 0.8

sources: JVNDB: JVNDB-2019-013749

DESCRIPTION

This issue was addressed by improving Face ID machine learning models. This issue is fixed in iOS 13. A 3D model constructed to look like the enrolled user may authenticate via Face ID. Apple iOS is an operating system developed by Apple for mobile devices. Face ID is one of its facial recognition components. There is a security vulnerability in the Face ID component of Apple iOS versions prior to 13. Attackers can use 3D models to exploit this vulnerability for authentication.

APPLE-SA-2019-9-26-3 iOS 13

iOS 13 addresses the following:

Bluetooth
Available for: iPhone 6s and later
Impact: Notification previews may show on Bluetooth accessories even when previews are disabled
Description: A logic issue existed with the display of notification previews. This issue was addressed with improved validation.
CVE-2019-8711: Arjang of MARK ANTHONY GROUP INC., Cemil Ozkebapci (@cemilozkebapci) of Garanti BBVA, Oguzhan Meral of Deloitte Consulting, Ömer Bozdoğan-Ramazan Atıl Anadolu Lisesi Adana/TÜRKİYE

CoreAudio
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted movie may result in the disclosure of process memory
Description: A memory corruption issue was addressed with improved validation.
CVE-2019-8760: Wish Wu (吴潍浠 @wish_wu) of Ant-financial Light-Year Security Lab

Foundation
Available for: iPhone 6s and later
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project Zero

Keyboards
Available for: iPhone 6s and later
Impact: A local user may be able to leak sensitive user information
Description: An authentication issue was addressed with improved state management.
CVE-2019-8704: 王邦宇 (wAnyBug.Com) of SAINTSEC

Messages
Available for: iPhone 6s and later
Impact: A person with physical access to an iOS device may be able to access contacts from the lock screen
Description: The issue was addressed by restricting options offered on a locked device.
CVE-2019-8742: videosdebarraquito

Quick Look
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted file may disclose user information
Description: A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation.
CVE-2019-8731: Saif Hamed Hamdan Al Hinai of Oman National CERT, Yiğit Can YILMAZ (@yilmazcanyigit)

Safari
Available for: iPhone 6s and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state management.
CVE-2019-8727: Divyanshu Shukla (@justm0rph3u5) of Quotient Technology

WebKit Page Loading
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to universal cross site scripting
Description: A logic issue was addressed with improved state management.
CVE-2019-8674

Additional recognition

Bluetooth
We would like to acknowledge Jan Ruge of TU Darmstadt, Secure Mobile Networking Lab, Jiska Classen of TU Darmstadt, Secure Mobile Networking Lab, Francesco Gringoli of University of Brescia, Dennis Heinze of TU Darmstadt, Secure Mobile Networking Lab for their assistance.

Control Center
We would like to acknowledge Brandon Sellers for their assistance.

Keyboard
We would like to acknowledge an anonymous researcher for their assistance.

Mail
We would like to acknowledge Kenneth Hyndycz for their assistance.

Profiles
We would like to acknowledge James Seeley (@Code4iOS) of Shriver Job Corps for their assistance.

SafariViewController
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for their assistance.

Installation note:

This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/

iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.

The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.

To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update will be "iOS 13".
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

Trust: 1.8

sources: NVD: CVE-2019-8760 // JVNDB: JVNDB-2019-013749 // VULHUB: VHN-160195 // PACKETSTORM: 154641

AFFECTED PRODUCTS

vendor: apple, model: iphone os, scope: lt, version: 13.0

Trust: 1.0

vendor: apple, model: ios, scope: lt, version: 13 (iPhone X or later)

Trust: 0.8

sources: JVNDB: JVNDB-2019-013749 // NVD: CVE-2019-8760

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-8760
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-8760
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201909-1283
value: MEDIUM

Trust: 0.6

VULHUB: VHN-160195
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-8760
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-160195
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-8760
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2019-8760
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-160195 // JVNDB: JVNDB-2019-013749 // CNNVD: CNNVD-201909-1283 // NVD: CVE-2019-8760

PROBLEMTYPE DATA

problemtype: CWE-287

Trust: 1.9

problemtype: CWE-326

Trust: 0.8

sources: VULHUB: VHN-160195 // JVNDB: JVNDB-2019-013749 // NVD: CVE-2019-8760

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201909-1283

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-013749

PATCH

title: HT210606, url: https://support.apple.com/en-us/HT210606

Trust: 0.8

title: HT210606, url: https://support.apple.com/ja-jp/HT210606

Trust: 0.8

title: Apple iOS Face ID component security vulnerability fix, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98670

Trust: 0.6

sources: JVNDB: JVNDB-2019-013749 // CNNVD: CNNVD-201909-1283

EXTERNAL IDS

db: NVD, id: CVE-2019-8760

Trust: 2.6

db: JVNDB, id: JVNDB-2019-013749

Trust: 0.8

db: CNNVD, id: CNNVD-201909-1283

Trust: 0.7

db: AUSCERT, id: ESB-2019.3642

Trust: 0.6

db: VULHUB, id: VHN-160195

Trust: 0.1

db: PACKETSTORM, id: 154641

Trust: 0.1

sources: VULHUB: VHN-160195 // JVNDB: JVNDB-2019-013749 // PACKETSTORM: 154641 // CNNVD: CNNVD-201909-1283 // NVD: CVE-2019-8760

REFERENCES

url: https://support.apple.com/ht210606

Trust: 1.7

url: https://nvd.nist.gov/vuln/detail/cve-2019-8760

Trust: 1.5

url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8760

Trust: 0.8

url: https://support.apple.com/en-au/ht210606

Trust: 0.6

url: https://support.apple.com/en-us/ht210606

Trust: 0.6

url: https://vigilance.fr/vulnerability/apple-ios-12-multiple-vulnerabilities-30457

Trust: 0.6

url: https://www.auscert.org.au/bulletins/esb-2019.3642/

Trust: 0.6

url: https://nvd.nist.gov/vuln/detail/cve-2019-8641

Trust: 0.1

url: https://nvd.nist.gov/vuln/detail/cve-2019-8727

Trust: 0.1

url: https://www.apple.com/itunes/

Trust: 0.1

url: https://support.apple.com/kb/ht201222

Trust: 0.1

url: https://nvd.nist.gov/vuln/detail/cve-2019-8711

Trust: 0.1

url: https://www.apple.com/support/security/pgp/

Trust: 0.1

url: https://nvd.nist.gov/vuln/detail/cve-2019-8742

Trust: 0.1

url: https://nvd.nist.gov/vuln/detail/cve-2019-8705

Trust: 0.1

url: https://nvd.nist.gov/vuln/detail/cve-2019-8704

Trust: 0.1

url: https://nvd.nist.gov/vuln/detail/cve-2019-8674

Trust: 0.1

url: https://nvd.nist.gov/vuln/detail/cve-2019-8731

Trust: 0.1

sources: VULHUB: VHN-160195 // JVNDB: JVNDB-2019-013749 // PACKETSTORM: 154641 // CNNVD: CNNVD-201909-1283 // NVD: CVE-2019-8760

CREDITS

Wish Wu (Wu Weichen, @wish_wu) of Ant-financial Light-Year Security Lab

Trust: 0.6

sources: CNNVD: CNNVD-201909-1283

SOURCES

db: VULHUB, id: VHN-160195
db: JVNDB, id: JVNDB-2019-013749
db: PACKETSTORM, id: 154641
db: CNNVD, id: CNNVD-201909-1283
db: NVD, id: CVE-2019-8760

LAST UPDATE DATE

2024-11-23T20:39:57.498000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-160195, date: 2020-08-24T00:00:00
db: JVNDB, id: JVNDB-2019-013749, date: 2020-01-16T00:00:00
db: CNNVD, id: CNNVD-201909-1283, date: 2021-10-29T00:00:00
db: NVD, id: CVE-2019-8760, date: 2024-11-21T04:50:25.597

SOURCES RELEASE DATE

db: VULHUB, id: VHN-160195, date: 2019-12-18T00:00:00
db: JVNDB, id: JVNDB-2019-013749, date: 2020-01-16T00:00:00
db: PACKETSTORM, id: 154641, date: 2019-09-27T15:01:11
db: CNNVD, id: CNNVD-201909-1283, date: 2019-09-27T00:00:00
db: NVD, id: CVE-2019-8760, date: 2019-12-18T18:15:39.257