Out-of-Bounds Read Vulnerability in Apple Software Products
CVE-2020-9894

4.3MEDIUM

Key Information:

Vendor

Apple
Status
iOS
TV OS
Watch OS
Safari
Vendor
CVE Published:
16 October 2020

What is CVE-2020-9894?

This vulnerability involves an out-of-bounds read condition, which could allow a remote attacker to exploit the flaw. The issue, present in various Apple products, can lead to unexpected application terminations or enable arbitrary code execution due to improper input validation. Apple has released updates to address this issue, reinforcing the security of their operating systems and applications.

Affected Version(s)

iCloud for Windows < unspecified

iCloud for Windows (Legacy) < unspecified

iOS < unspecified

References

https://support.apple.com/HT211288
x_refsource_MISC
https://support.apple.com/HT211290
x_refsource_MISC
https://support.apple.com/HT211291
x_refsource_MISC

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.