CVE-2020-9828: Input Validation
First published: Tue Mar 24 2020(Updated: )
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A remote attacker may be able to leak sensitive user information.
Credit: Jianjun Dai Qihoo 360 Alpha LabJianjun Dai Qihoo 360 Alpha Lab product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Mac OS X | <10.15.4 | |
| Apple macOS Catalina | <10.15.5 | 10.15.5 |
| Apple Mojave | ||
| Apple High Sierra |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2020-9772
- CVE-2020-3903
- CVE-2020-3904
- CVE-2020-3883
- CVE-2020-6616
- CVE-2020-9853
- CVE-2020-3907
- CVE-2020-3908
- CVE-2020-3912
- CVE-2020-9779
- CVE-2020-3892
- CVE-2020-3893
- CVE-2020-3905
- CVE-2019-8853
- CVE-2020-9776
- CVE-2020-9828
- CVE-2020-3913
- CVE-2020-9829
- CVE-2020-3898
- CVE-2020-3881
- CVE-2020-3886
- CVE-2019-14615
- CVE-2020-3919
- CVE-2020-3851
- CVE-2020-3896
- CVE-2020-3914
- CVE-2020-9785
- CVE-2020-3909
- CVE-2020-3911
- CVE-2020-3910
- CVE-2020-3884
- CVE-2020-3915
- CVE-2020-9775
- CVE-2020-9771
- CVE-2020-3918
- CVE-2019-19232
- CVE-2020-9786
- CVE-2020-3906
- CVE-2020-3889
- CVE-2020-9769
- CVE-2020-9787
- CVE-2020-3902
- CVE-2020-9827
- CVE-2020-9826
- CVE-2020-9842
- CVE-2020-9804
- CVE-2020-9815
- CVE-2020-9791
- CVE-2020-9831
- CVE-2020-3882
- CVE-2020-9856
- CVE-2020-9847
- CVE-2020-9855
- CVE-2020-9816
- CVE-2020-3878
- CVE-2020-9789
- CVE-2020-9790
- CVE-2020-9822
- CVE-2020-9796
- CVE-2020-9837
- CVE-2020-9821
- CVE-2020-9797
- CVE-2020-9852
- CVE-2020-9795
- CVE-2020-9808
- CVE-2020-9811
- CVE-2020-9812
- CVE-2020-9813
- CVE-2020-9814
- CVE-2020-9809
- CVE-2019-14868
- CVE-2020-9994
- CVE-2020-9857
- CVE-2020-9817
- CVE-2020-9851
- CVE-2020-9793
- CVE-2014-9512
- CVE-2020-9825
- CVE-2020-9788
- CVE-2020-9854
- CVE-2020-9824
- CVE-2020-9810
- CVE-2020-9794
- CVE-2020-9839
- CVE-2020-9792
- CVE-2020-9844
- CVE-2020-9830
- CVE-2020-9834
- CVE-2020-9833
- CVE-2020-9832
- CVE-2020-9841
- CVE-2019-20044
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2020-9828.
What is the title of the vulnerability?
The title of the vulnerability is 'CoreBluetooth. An out-of-bounds read was addressed with improved input validation.'
What is the description of the vulnerability?
The vulnerability is related to CoreBluetooth and involves an out-of-bounds read, which has been addressed by improving input validation.
Which software is affected by this vulnerability?
The affected software includes macOS Catalina (up to version 10.15.5), Apple Mojave, and Apple High Sierra.
How can I fix this vulnerability?
To fix this vulnerability, it is recommended to update macOS Catalina to version 10.15.5 or later.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/apple-support
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/apple
- canonical/apple macos catalina
- canonical/apple mojave
- canonical/apple high sierra
- canonical/apple mac os x