About the security content of watchOS 6
This document describes the security content of watchOS 6.
About Apple security updates
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.
Apple security documents reference vulnerabilities by CVE-ID when possible.
For more information about security, see the Apple Product Security page.
watchOS 6
Audio
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved state management.
CVE-2019-8706: Yu Zhou of Ant-Financial Light-Year Security Lab
Audio
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted audio file may disclose restricted memory
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2019-8850: Anonymous working with Trend Micro Zero Day Initiative
CFNetwork
Available for: Apple Watch Series 3 and later
Impact: Processing maliciously crafted web content may lead to a cross site scripting attack
Description: This issue was addressed with improved checks.
CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland
CoreAudio
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted movie may result in the disclosure of process memory
Description: A memory corruption issue was addressed with improved validation.
CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative
CoreCrypto
Available for: Apple Watch Series 3 and later
Impact: Processing a large input may lead to a denial of service
Description: A denial of service issue was addressed with improved input validation.
CVE-2019-8741: Nicky Mouha of NIST
Foundation
Available for: Apple Watch Series 3 and later
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2019-8746: natashenka and Samuel Groß of Google Project Zero
IOUSBDeviceFamily
Available for: Apple Watch Series 3 and later
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2019-8718: Joshua Hill and Sem Voigtländer
Kernel
Available for: Apple Watch Series 3 and later
Impact: An application may be able to gain elevated privileges
Description: This issue was addressed with improved entitlements.
CVE-2019-8703: an anonymous researcher
Kernel
Available for: Apple Watch Series 3 and later
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption vulnerability was addressed with improved locking.
CVE-2019-8740: Mohamed Ghannam (@_simo36)
Kernel
Available for: Apple Watch Series 3 and later
Impact: A local app may be able to read a persistent account identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Kernel
Available for: Apple Watch Series 3 and later
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2019-8712: Mohamed Ghannam (@_simo36)
Kernel
Available for: Apple Watch Series 3 and later
Impact: A malicious application may be able to determine kernel memory layout
Description: A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
Kernel
Available for: Apple Watch Series 3 and later
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved state management.
CVE-2019-8709: derrek (@derrekr6) derrek (@derrekr6)
Kernel
Available for: Apple Watch Series 3 and later
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2019-8717: Jann Horn of Google Project Zero
libxml2
Available for: Apple Watch Series 3 and later
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
mDNSResponder
Available for: Apple Watch Series 3 and later
Impact: An attacker in physical proximity may be able to passively observe device names in AWDL communications
Description: This issue was resolved by replacing device names with a random identifier.
CVE-2019-8799: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universität Darmstadt
UIFoundation
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted text file may lead to arbitrary code execution
Description: A buffer overflow was addressed with improved bounds checking.
CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative
UIFoundation
Available for: Apple Watch Series 3 and later
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2019-8831: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative
WebKit
Available for: Apple Watch Series 3 and later
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
CVE-2019-8710: found by OSS-Fuzz
CVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of ABLY Corporation
CVE-2019-8734: found by OSS-Fuzz
CVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech
CVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech
CVE-2019-8773: found by OSS-Fuzz
Wi-Fi
Available for: Apple Watch Series 3 and later
Impact: A device may be passively tracked by its Wi-Fi MAC address
Description: A user privacy issue was addressed by removing the broadcast MAC address.
CVE-2019-8854: Ta-Lun Yen of UCCU Hacker and FuriousMacTeam of the United States Naval Academy and the Mitre Cooperation
Additional recognition
Audio
We would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance.
boringssl
We would like to acknowledge Thijs Alkemade (@xnyhps) of Computest for their assistance.
HomeKit
We would like to acknowledge Tian Zhang for their assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for their assistance.
mDNSResponder
We would like to acknowledge Gregor Lang of e.solutions GmbH for their assistance.
Profiles
We would like to acknowledge Erik Johnson of Vernon Hills High School, James Seeley (@Code4iOS) of Shriver Job Corps for their assistance.
Safari
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for their assistance.
WebKit
We would like to acknowledge MinJeong Kim of Information Security Lab, Chungnam National University, JaeCheol Ryou of the Information Security Lab, Chungnam National University in South Korea, cc working with Trend Micro's Zero Day Initiative for their assistance.
Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.