What is the vulnerability ID of this issue?

The vulnerability ID is CVE-2020-9829.

What is the title of this vulnerability?

The title of this vulnerability is CoreText. A validation issue was addressed with improved input sanitization.

What software versions are affected by this vulnerability?

The vulnerability affects macOS Catalina 10.15.4, Apple Mojave, Apple High Sierra, Apple watchOS up to version 6.2.5, Apple iOS up to version 13.5, Apple iPadOS up to version 13.5, and Apple tvOS up to version 13.4.5.

How can I fix this vulnerability?

To fix this vulnerability, update your software to the recommended versions: macOS Catalina 10.15.4, watchOS 6.2.6, iOS 13.5.1, iPadOS 13.5.1, and tvOS 13.4.6.

Where can I find more information about this vulnerability?

You can find more information about this vulnerability on the Apple support website: [link1], [link2], [link3].

Vulnerability/
CVE-2020-9829

medium

6.5

CWE

24/3/2020

9/6/2020

4/8/2024

CVE-2020-9829: Input Validation

First published: Tue Mar 24 2020(Updated: )

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5. Processing a maliciously crafted text message may lead to application denial of service.

Credit: Aaron Perris @aaronp613 an anonymous researcher an anonymous researcher Carlos S Tech Sam Menzies SamSufiyan Gouri Lovely Professional UniversityIndia Suleman Hasan Rathor ArabicAaron Perris @aaronp613 an anonymous researcher an anonymous researcher Carlos S Tech Sam Menzies SamSufiyan Gouri Lovely Professional UniversityIndia Suleman Hasan Rathor ArabicAaron Perris @aaronp613 an anonymous researcher an anonymous researcher Carlos S Tech Sam Menzies SamSufiyan Gouri Lovely Professional UniversityIndia Suleman Hasan Rathor ArabicAaron Perris @aaronp613 an anonymous researcher an anonymous researcher Carlos S Tech Sam Menzies SamSufiyan Gouri Lovely Professional UniversityIndia Suleman Hasan Rathor Arabic product-security@apple.com

Affected Software	Affected Version	How to fix
Apple macOS Catalina	<10.15.4	10.15.4
Apple Mojave
Apple High Sierra
Apple iOS	<13.5	13.5
Apple iPadOS	<13.5	13.5
Apple tvOS	<13.4.5	13.4.5
Apple watchOS	<6.2.5	6.2.5
Apple iPadOS	<13.5
Apple iPhone OS	<13.5
Apple tvOS	<13.4.5
Apple watchOS	<6.2.5

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT211100 (Advisory)
https://support.apple.com/en-us/HT211168 (Advisory)
https://support.apple.com/en-us/HT211171 (Advisory)
https://support.apple.com/en-us/HT211175 (Advisory)
https://support.apple.com/HT211168
https://support.apple.com/HT211171
https://support.apple.com/HT211175

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2020-9772
CVE-2020-3903
CVE-2020-3904
CVE-2020-3883
CVE-2020-6616
CVE-2020-9853
CVE-2020-3907
CVE-2020-3908
CVE-2020-3912
CVE-2020-9779
CVE-2020-3892
CVE-2020-3893
CVE-2020-3905
CVE-2019-8853
CVE-2020-9776
CVE-2020-9828
CVE-2020-3913
CVE-2020-9829
CVE-2020-3898
CVE-2020-3881
CVE-2020-3886
CVE-2019-14615
CVE-2020-3919
CVE-2020-3851
CVE-2020-3896
CVE-2020-3914
CVE-2020-9785
CVE-2020-3909
CVE-2020-3911
CVE-2020-3910
CVE-2020-3884
CVE-2020-3915
CVE-2020-9775
CVE-2020-9771
CVE-2020-3918
CVE-2019-19232
CVE-2020-9786
CVE-2020-3906
CVE-2020-3889
CVE-2020-9769
CVE-2020-9787
CVE-2020-3902
CVE-2020-9827
CVE-2020-9842
CVE-2020-9815
CVE-2020-9791
CVE-2020-9816
CVE-2020-3878
CVE-2020-9789
CVE-2020-9790
CVE-2020-9821
CVE-2020-9797
CVE-2020-9852
CVE-2020-9795
CVE-2020-9808
CVE-2020-9811
CVE-2020-9812
CVE-2020-9813
CVE-2020-9814
CVE-2020-9809
CVE-2020-9994
CVE-2020-9819
CVE-2020-9818
CVE-2014-9512
CVE-2020-9794
CVE-2020-9839
CVE-2020-9805
CVE-2020-9802
CVE-2020-9850
CVE-2020-9843
CVE-2020-9803
CVE-2020-9806
CVE-2020-9807
CVE-2020-9800
CVE-2019-20503
CVE-2020-9837
CVE-2020-9854
CVE-2020-9826
CVE-2020-9838
CVE-2020-9835
CVE-2020-9820
CVE-2020-9823
CVE-2020-9848
CVE-2020-9825
CVE-2020-9792
CVE-2020-9844
CVE-2020-9830

Frequently Asked Questions

What is the vulnerability ID of this issue?
The vulnerability ID is CVE-2020-9829.
What is the title of this vulnerability?
The title of this vulnerability is CoreText. A validation issue was addressed with improved input sanitization.
What software versions are affected by this vulnerability?
The vulnerability affects macOS Catalina 10.15.4, Apple Mojave, Apple High Sierra, Apple watchOS up to version 6.2.5, Apple iOS up to version 13.5, Apple iPadOS up to version 13.5, and Apple tvOS up to version 13.4.5.
How can I fix this vulnerability?
To fix this vulnerability, update your software to the recommended versions: macOS Catalina 10.15.4, watchOS 6.2.6, iOS 13.5.1, iPadOS 13.5.1, and tvOS 13.4.6.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability on the Apple support website: [link1], [link2], [link3].

agent/type
agent/softwarecombine
agent/first-publish-date
collector/apple-support
agent/software-canonical-lookup-request
collector/nvd-index
agent/weakness
agent/references
agent/severity
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/trending
agent/tags
agent/source
vendor/apple
canonical/apple macos catalina
canonical/apple mojave
canonical/apple high sierra
canonical/apple watchos
canonical/apple ipados
canonical/apple iphone os
canonical/apple tvos
canonical/apple ios