CVE-2020-9800

Published: Jun 9, 2020Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

Affected (8)

Products: Apple: Icloud, Ipados, Iphone Os, Itunes, Mac Os X, Safari, Watchos

7 products

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Apple Icloud	Before 7.19
Apple Icloud	From 11.0 to 11.2
Apple Ipados	Before 13.5
Apple Iphone Os	Before 13.5
Apple Itunes	Before 12.10.7
Apple Mac Os X	Before 10.15.5
Apple Safari	Before 13.1.1
Apple Watchos	Before 6.2.5

Related CWEs

Access of Resource Using Incompatible Type ('Type Confusion')

The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

References (14)

https://support.apple.com/HT211168

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/HT211171

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/HT211175

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/HT211177

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/HT211178

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/HT211179

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/HT211181

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/HT211168

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/HT211171

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/HT211175

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/HT211177

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/HT211178

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/HT211179

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/HT211181

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

Timeline

No history available yet.