CVE-2020-3883

Published: Apr 1, 2020Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

This issue was addressed with improved checks. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. An application may be able to use arbitrary entitlements.

Affected (5)

Products: Apple: Ipad Os, Iphone Os, Mac Os X, Tvos, Watchos

5 products

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Apple Ipad Os	Before 13.4
Apple Iphone Os	Before 13.4
Apple Mac Os X	Before 10.15.4
Apple Tvos	Before 13.4
Apple Watchos	Before 6.2

References (8)

https://support.apple.com/HT211100

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/HT211101

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/HT211102

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/HT211103

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/HT211100

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/HT211101

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/HT211102

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/HT211103

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

Timeline

No history available yet.