CVE-2020-9839: Race Condition
First published: Mon May 18 2020(Updated: )
A race condition was addressed with improved state handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. An application may be able to gain elevated privileges.
Credit: @jinmo123 @setuid0x0_ @insu_yun_en Trend Micro product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| tvOS | <13.4.5 | 13.4.5 |
| macOS Catalina | <10.15.5 | 10.15.5 |
| macOS Mojave | ||
| macOS High Sierra | ||
| Apple iOS, iPadOS, and watchOS | <13.5 | 13.5 |
| Apple iOS, iPadOS, and watchOS | <13.5 | 13.5 |
| Apple iOS, iPadOS, and watchOS | <6.2.5 | 6.2.5 |
| Apple iOS, iPadOS, and watchOS | <13.5 | |
| iOS | <13.5 | |
| Apple iOS and macOS | <10.15.5 | |
| tvOS | <13.4.5 | |
| Apple iOS, iPadOS, and watchOS | <6.2.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT211168 (Advisory)
- https://support.apple.com/en-us/HT211170 (Advisory)
- https://support.apple.com/en-us/HT211171 (Advisory)
- https://support.apple.com/en-us/HT211175 (Advisory)
- https://support.apple.com/HT211168
- https://support.apple.com/HT211170
- https://support.apple.com/HT211171
- https://support.apple.com/HT211175
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2020-9827
- CVE-2020-9842
- CVE-2020-9815
- CVE-2020-9791
- CVE-2020-9829
- CVE-2020-9816
- CVE-2020-3878
- CVE-2020-9789
- CVE-2020-9790
- CVE-2020-9837
- CVE-2020-9821
- CVE-2020-9797
- CVE-2020-9852
- CVE-2020-9795
- CVE-2020-9808
- CVE-2020-9811
- CVE-2020-9812
- CVE-2020-9813
- CVE-2020-9814
- CVE-2020-9809
- CVE-2020-9994
- CVE-2014-9512
- CVE-2020-9854
- CVE-2020-9794
- CVE-2020-9839
- CVE-2020-9805
- CVE-2020-9802
- CVE-2020-9850
- CVE-2020-9843
- CVE-2020-9803
- CVE-2020-9806
- CVE-2020-9807
- CVE-2020-9800
- CVE-2019-20503
- CVE-2020-9772
- CVE-2020-9826
- CVE-2020-9804
- CVE-2020-9831
- CVE-2020-9779
- CVE-2020-3882
- CVE-2020-9828
- CVE-2020-9856
- CVE-2020-9847
- CVE-2020-9855
- CVE-2020-9822
- CVE-2020-9796
- CVE-2019-14868
- CVE-2020-9857
- CVE-2020-9817
- CVE-2020-9851
- CVE-2020-9793
- CVE-2020-9825
- CVE-2020-9771
- CVE-2020-9788
- CVE-2020-9824
- CVE-2020-9810
- CVE-2020-9792
- CVE-2020-9844
- CVE-2020-9830
- CVE-2020-9834
- CVE-2020-9833
- CVE-2020-9832
- CVE-2020-9841
- CVE-2019-20044
- CVE-2020-6616
- CVE-2020-9838
- CVE-2020-9835
- CVE-2020-9820
- CVE-2020-9819
- CVE-2020-9818
- CVE-2020-9823
- CVE-2020-9848
Frequently Asked Questions
What is CVE-2020-9839?
CVE-2020-9839 is a vulnerability in System Preferences that was addressed with improved state handling.
What is the severity of CVE-2020-9839?
The severity of CVE-2020-9839 is not specified.
Which software versions are affected by CVE-2020-9839?
watchOS 6.2.5, macOS Catalina 10.15.5, Mojave, High Sierra, iOS 13.5, iPadOS 13.5, and tvOS 13.4.5 are affected by CVE-2020-9839.
How can I fix CVE-2020-9839?
To fix CVE-2020-9839, update to the recommended versions provided by Apple.
Where can I find more information about CVE-2020-9839?
You can find more information about CVE-2020-9839 on the following Apple support pages: [link1](https://support.apple.com/en-us/HT211175), [link2](https://support.apple.com/en-us/HT211170), [link3](https://support.apple.com/en-us/HT211168).
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/references
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- agent/source
- collector/apple-support
- agent/software-canonical-lookup-request
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/apple
- canonical/tvos
- canonical/macos catalina
- canonical/macos mojave
- canonical/macos high sierra
- canonical/apple ios, ipados, and watchos
- canonical/ios
- canonical/apple ios and macos