CVE-2019-8760
MEDIUM WAF: Low
CVSS 6.8
Published: 2019-12-18
CWE-287
This issue was addressed by improving Face ID machine learning models. This issue is fixed in iOS 13. A 3D model constructed to look like the enrolled user may authenticate via Face ID.
WAF Coverage Analysis
Improper Authentication
Low WAF Coverage
OWASP: A07:2021 Identification and Authentication Failures
Affected Software
| Vendor | Product | Version |
|---|---|---|
| apple | iphone_os | up to 13.0 |
References
- support.apple.com (Vendor Advisory)