Out-of-bounds Write Vulnerability in Apple iOS and macOS Products
CVE-2020-9790

8.8HIGH

Key Information:

Vendor
Apple
Status
iOS
Mac OS
TV OS
Watch OS
Vendor
CVE Published:
9 June 2020

Summary

This vulnerability arises from an out-of-bounds write issue that can occur when processing specially crafted images. If exploited, it can allow an attacker to execute arbitrary code on affected Apple devices. The issue has been addressed with enhanced bounds checking in the latest versions of iOS, iPadOS, macOS, and other Apple software, thereby mitigating the risk of exploitation.

Affected Version(s)

iCloud for Windows < unspecified

iCloud for Windows (Legacy) < unspecified

iOS < unspecified

References

https://support.apple.com/HT211168
x_refsource_MISC
https://support.apple.com/HT211170
x_refsource_MISC
https://support.apple.com/HT211171
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.