Out-of-Bounds Read in Apple Products from Various Platforms
CVE-2020-9794

8.1HIGH

Key Information:

Vendor

Apple
Status
iOS
Mac OS
TV OS
Watch OS
Vendor
CVE Published:
9 June 2020

What is CVE-2020-9794?

This vulnerability involves an out-of-bounds read in various Apple products which has been addressed with improved bounds checking. A malicious application could exploit this flaw to cause a denial of service or disclose memory contents, potentially compromising user data. The issue affects several operating systems, including iOS and macOS, and has been mitigated in the latest updates.

Affected Version(s)

iCloud for Windows < unspecified

iCloud for Windows (Legacy) < unspecified

iOS < unspecified

References

https://support.apple.com/HT211168
x_refsource_MISC
https://support.apple.com/HT211170
x_refsource_MISC
https://support.apple.com/HT211171
x_refsource_MISC

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.