Apple macOS Use-After-Free Vulnerability - 20230418001¶
Overview¶
The WA SOC has observed reports of a vulnerability in older Apple macOS versions currently being exploited.
The exploit allows an application to gain elevated privileges through the exploitation of a 'use after free' memory management vulnerability.
What is the vulnerability?¶
CVE-2019-8526 - CVSS v3 Base Score: 7.8
What is vulnerable?¶
The vulnerability affects the following products:
- Apple macOS up to (excluding) 10.14.4
What has been observed?¶
CISA has listed this vulnerabilty in their Known Exploited Vulnerabilties Catalog.
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices: Apple Support