Memory Management Flaw in Apple Products
CVE-2020-9947

8.8HIGH

Key Information:

Vendor

Apple
Status
TV OS
Watch OS
Safari
iOS And iPad OS
Vendor
CVE Published:
8 December 2020

What is CVE-2020-9947?

A vulnerability in Apple's WebKit affects several of its products due to improper memory management, potentially allowing the execution of arbitrary code through specially crafted web content. This issue has been addressed in various updates across the affected platforms, enhancing security and user protection against such threats.

Affected Version(s)

iCloud for Windows < 11.5

iOS and iPadOS < 14.0

iTunes for Windows < 12.10

References

https://support.apple.com/en-us/HT211843
x_refsource_MISC
https://support.apple.com/en-us/HT211850
x_refsource_MISC
https://support.apple.com/en-us/HT211844
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.