CVE-2020-9906

CRITICAL | Platform: iPadOS | Changelog

CVE Details

Description

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.

CVSS 3.1 Score

Metric	Value
Base Score	9.1 (CRITICAL)
Vector	`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H`

Weakness

CWE-20
CWE-787

References

Apple Security Advisory
NVD Entry
http://packetstormsecurity.com/files/162119/iOS-macOS-Radio-Proximity-Kernel-Memory-Corruption.html (Third Party Advisory, VDB Entry)
https://support.apple.com/kb/HT211289 (Vendor Advisory)
https://support.apple.com/kb/HT211291 (Vendor Advisory)