cbcvebase.
CVE-2020-3837
published 2020-02-27

CVE-2020-3837: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS…

high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
KEVITWEXPLOIT
CISA Known Exploited Vulnerabilitydue 2022-07-18
Exploited in the wild
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.

Affected

9 ranges
VendorProductVersion rangeFixed in
appleios>= unspecified < iOS 13.3.1 and iPadOS 13.3.1iOS 13.3.1 and iPadOS 13.3.1
appleipados< 13.3.113.3.1
appleiphone_os< 13.3.113.3.1
applemac_os_x< 10.15.310.15.3
applemacos>= unspecified < macOS Catalina 10.15.3macOS Catalina 10.15.3
appletvos< 13.3.113.3.1
appletvos>= unspecified < tvOS 13.3.1tvOS 13.3.1
applewatchos< 6.1.26.1.2
applewatchos>= unspecified < watchOS 6.1.2watchOS 6.1.2

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vulncheck7.8HIGH
cisa7.8HIGH