CVE-2020-3860: Input Validation

Reference Links

• https://support.apple.com/en-us/HT210918 (Advisory)
• https://support.apple.com/en-us/HT210921 (Advisory)
• https://support.apple.com/HT210918
• https://support.apple.com/HT210921

Parent vulnerabilities

(Appears in the following advisories)

• HT210918
• HT210921

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2020-3857
• CVE-2020-3869
• CVE-2020-3855
• CVE-2020-3826
• CVE-2020-3870
• CVE-2020-3878
• CVE-2020-3880
• CVE-2020-3837
• CVE-2019-8836
• CVE-2020-3840
• CVE-2020-3875
• CVE-2020-3872
• CVE-2020-3836
• CVE-2020-3842
• CVE-2020-3858
• CVE-2020-3831
• CVE-2020-3853
• CVE-2020-3860
• CVE-2020-3846
• CVE-2020-3856
• CVE-2020-3829
• CVE-2020-3873
• CVE-2020-3859
• CVE-2020-3844
• CVE-2020-3828
• CVE-2020-3841
• CVE-2020-3874
• CVE-2020-3862
• CVE-2020-3825
• CVE-2020-3868
• CVE-2020-3867
• CVE-2020-3864
• CVE-2020-3865
• CVE-2020-3843
• CVE-2020-3838
• CVE-2020-3877
• CVE-2020-3834

Frequently Asked Questions

• What is CVE-2020-3860?

  CVE-2020-3860 is a kernel memory corruption issue addressed with improved input validation.

• Which software are affected by CVE-2020-3860?

  The software affected by CVE-2020-3860 are Apple watchOS 6.1.2, Apple iOS up to and excluding 13.3.1, and Apple iPadOS up to and excluding 13.3.1.

• What is the severity of CVE-2020-3860?

  The severity of CVE-2020-3860 is not specified.

• How can I fix CVE-2020-3860?

  To fix CVE-2020-3860, update your Apple watchOS to version 6.1.2, iOS to a version later than 13.3.1, or iPadOS to a version later than 13.3.1.

• Where can I find more information about CVE-2020-3860?

  You can find more information about CVE-2020-3860 on the Apple support website using the following links: [support.apple.com/en-us/HT210921](https://support.apple.com/en-us/HT210921) and [support.apple.com/en-us/HT210918](https://support.apple.com/en-us/HT210918).