Memory Corruption Vulnerability in Apple Products and Safari Browser
CVE-2020-9803

8.8HIGH

Key Information:

Vendor
Apple
Status
iOS
TV OS
Watch OS
Safari
Vendor
CVE Published:
9 June 2020

Summary

This vulnerability involves a memory corruption issue that was mitigated through enhanced validation processes. Affected products include multiple versions of iOS and iPadOS, as well as Safari and iTunes for Windows. By processing maliciously crafted web content, there exists the potential for arbitrary code execution, which could compromise system integrity and user security. Apple has addressed this issue in their updates to ensure better protection against such threats.

Affected Version(s)

iCloud for Windows < unspecified

iCloud for Windows (Legacy) < unspecified

iOS < unspecified

References

https://support.apple.com/HT211168
x_refsource_MISC
https://support.apple.com/HT211171
x_refsource_MISC
https://support.apple.com/HT211175
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.