CVE-2020-9800 — Type Confusion in Apple Icloud FOR Windows
Severity
8.8HIGHNVD
EPSS
0.8%
top 26.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 9
Latest updateMay 24
Description
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9
Affected Packages13 packages
🔴Vulnerability Details
2📋Vendor Advisories
10Oracle▶
Oracle Oracle Fusion Middleware Risk Matrix: Install, config, upgrade (Apache HTTP Server) — CVE-2017-9800↗2020-10-15
Cisco▶
Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers Multicast DNS Denial of Service Vulnerability↗2020-09-24
Cisco▶
Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability↗2020-09-24
Cisco▶
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability↗2020-09-24
Cisco▶
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Improper Access Control Vulnerability↗2020-09-24