CVE-2019-6223

Warnung

EPSS 0.45%
Veröffentlicht 05.03.2019 16:29:02
Zuletzt bearbeitet 28.02.2025 14:53:55
Quelle product-security@apple.com
Teams Watchlist Login
Unerledigt Login

A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. The initiator of a Group FaceTime call may be able to cause the recipient to answer.

Betroffene Produkte Warnungen 1 Metriken 4 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ iPhone OS Version < 12.1.4

Apple ≫ macOS X Version < 10.14.3

03.11.2021: CISA Known Exploited Vulnerabilities (KEV) Catalog

Apple iOS and macOS Group Facetime Vulnerability

Schwachstelle

Apple iOS and macOS Group FaceTime contains an unspecified vulnerability where the call initiator can cause the recipient's Apple device to answer unknowingly or without user interaction.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.45%	0.627

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

https://support.apple.com/HT209520

Vendor Advisory

Release Notes

https://support.apple.com/HT209521

Vendor Advisory

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2019-6223

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-6223

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-6223

EUVD