First published: Mon May 18 2020(Updated: )
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges.
Credit: Xinru Chi Pangu LabXinru Chi Tielei Wang Pangu LabXinru Chi Pangu LabXinru Chi Tielei Wang Pangu LabXinru Chi Pangu LabXinru Chi Tielei Wang Pangu LabXinru Chi Pangu LabXinru Chi Tielei Wang Pangu Lab product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple watchOS | <6.2.5 | 6.2.5 |
Apple tvOS | <13.4.5 | 13.4.5 |
Apple watchOS | <6.2.5 | |
Apple iPadOS | <13.5 | |
Apple iPhone OS | <13.5 | |
Apple Mac OS X | <10.15.5 | |
Apple tvOS | <13.4.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The vulnerability ID for this issue is CVE-2020-9814.
The affected software includes Apple watchOS up to version 6.2.5, macOS Catalina up to version 10.15.5, Apple iOS up to version 13.5, Apple iPadOS up to version 13.5, Apple tvOS up to version 13.4.5, Apple Mojave, and Apple High Sierra.
The severity of CVE-2020-9814 is not specified in the information provided.
To fix CVE-2020-9814, update your software to the latest version provided by Apple.
You can find more information about CVE-2020-9814 on the Apple support website.