CVE-2019-8856 Vulnerability Details

  /     /     /  

CVE-2019-8856 Metadata Quick Info

CVE Published: 27/10/2020 | CVE Updated: 04/08/2024 | CVE Year: 2019
Source: apple | Vendor: Apple | Product: iOS and iPadOS
Status : PUBLISHED

---

CVE-2019-8856 Description

An API issue existed in the handling of outgoing phone calls initiated with Siri. This issue was addressed with improved state handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. Calls made using Siri may be initiated using the wrong cellular plan on devices with two active plans.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Calls made using Siri may be initiated using the wrong cellular plan on devices with two active plans
Source: Apple

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).