CVE-2020-9859
published 2020-06-05CVE-2020-9859: A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-05-03
Exploited in the wild
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | >= unspecified < iOS 13.5.1 and iPadOS 13.5.1 | iOS 13.5.1 and iPadOS 13.5.1 |
| apple | ipados | < 13.5.1 | 13.5.1 |
| apple | iphone_os | < 13.5.1 | 13.5.1 |
| apple | mac_os_x | < 10.15.5 | 10.15.5 |
| apple | macos | >= unspecified < macOS Catalina 10.15.5 Supplemental Update | macOS Catalina 10.15.5 Supplemental Update |
| apple | tvos | < 13.4.6 | 13.4.6 |
| apple | tvos | >= unspecified < tvOS 13.4.6 | tvOS 13.4.6 |
| apple | watchos | < 6.2.6 | 6.2.6 |
| apple | watchos | >= unspecified < watchOS 6.2.6 | watchOS 6.2.6 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vulncheck7.8HIGH
cisa7.8HIGH