CVE-2020-9907
published 2020-10-16CVE-2020-9907: A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-07-18
Exploited in the wild
A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be able to execute arbitrary code with kernel privileges.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | >= unspecified < iOS 13.6 and iPadOS 13.6 | iOS 13.6 and iPadOS 13.6 |
| apple | ios_13.6_and_ipados | — | — |
| apple | ipados | < 13.6 | 13.6 |
| apple | iphone_os | < 13.6 | 13.6 |
| apple | tvos | < 13.4.8 | 13.4.8 |
| apple | tvos | — | — |
| apple | tvos | >= unspecified < tvOS 13.4.8 | tvOS 13.4.8 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vulncheck7.8HIGH
cisa7.8HIGH