First published: Mon May 18 2020(Updated: )
An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A local user may be able to read kernel memory.
Credit: Tielei Wang Pangu Labderrek @derrekr6 Tielei Wang Pangu Labderrek @derrekr6 Tielei Wang Pangu Labderrek @derrekr6 Tielei Wang Pangu Labderrek @derrekr6 product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple watchOS | <6.2.5 | 6.2.5 |
Apple macOS Catalina | <10.15.5 | 10.15.5 |
Apple Mojave | ||
Apple High Sierra | ||
Apple tvOS | <13.4.5 | 13.4.5 |
Apple iPadOS | <13.5 | |
Apple iPhone OS | <13.5 | |
Apple Mac OS X | <10.15.5 | |
Apple tvOS | <13.4.5 | |
Apple watchOS | <6.2.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2020-9812 is an information disclosure issue in the Kernel that has been addressed with improved state management.
CVE-2020-9812 affects Apple watchOS version up to 6.2.5, Apple macOS Catalina version up to 10.15.5, Apple iOS version up to 13.5, Apple iPadOS version up to 13.5, and Apple tvOS version up to 13.4.5.
To fix CVE-2020-9812, update your software to the specified remedy versions provided by Apple for the respective affected products.
You can find more information about CVE-2020-9812 on the Apple support website. Here are the references provided by Apple: [1](https://support.apple.com/en-us/HT211175), [2](https://support.apple.com/en-us/HT211170), [3](https://support.apple.com/en-us/HT211168).