Buffer Overflow Vulnerability in Apple Products
CVE-2020-3909

9.8CRITICAL

Key Information:

Vendor
Apple
Status
iOS
Mac OS
TV OS
Watch OS
Vendor
CVE Published:
1 April 2020

Summary

A buffer overflow vulnerability was identified in Apple software components, which could potentially allow an attacker to execute arbitrary code. This issue has been addressed with enhanced bounds checking to improve the security of the affected operating systems and applications. Users are advised to update their devices to the latest versions, including iOS 13.4, macOS Catalina 10.15.4, and others, to mitigate potential risks associated with this vulnerability.

Affected Version(s)

iCloud for Windows < unspecified

iCloud for Windows (Legacy) < unspecified

iOS < unspecified

References

https://support.apple.com/HT211100
x_refsource_MISC
https://support.apple.com/HT211102
x_refsource_MISC
https://support.apple.com/HT211101
x_refsource_MISC

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.