Home

CVE-2019-8656

Description

This was addressed with additional checks by Gatekeeper on files mounted through a network share. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. Extracting a zip file containing a symbolic link to an endpoint in an NFS mount that is attacker controlled may bypass Gatekeeper.

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
3.766

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities are fixed in macOS Mojave 10.14.6Mac
Multiple vulnerabilities are fixed in macOS Mojave 10.14.6 Combo UpdateMac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-602004macOS Mojave 10.14.6
PATCH-602005macOS Mojave 10.14.6 Combo Update

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234