CVE-2020-9960: Input Validation
First published: Wed Sep 16 2020(Updated: )
CoreAudio. An out-of-bounds read was addressed with improved input validation.
Credit: JunDong Xie Xingwei Lin Ant Security LightJunDong Xie Xingwei Lin Ant Security LightJunDong Xie Xingwei Lin Ant Security LightJunDong Xie Xingwei Lin Ant Security LightAnonymous Trend Micro Zero Day InitiativeJunDong Xie Xingwei Lin Ant Security LightJunDong Xie Xingwei Lin Ant Security LightAnonymous Trend Micro Zero Day InitiativeJunDong Xie Xingwei Lin Ant Security LightJunDong Xie Xingwei Lin Ant Security Light product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple watchOS | <7.0 | 7.0 |
| Apple iPadOS | <14.0 | |
| Apple iPhone OS | <14.0 | |
| Apple Mac OS X | >=10.14<10.14.6 | |
| Apple Mac OS X | >=10.15<10.15.7 | |
| Apple Mac OS X | =10.14.6 | |
| Apple Mac OS X | =10.14.6-security_update_2019-001 | |
| Apple Mac OS X | =10.14.6-security_update_2019-002 | |
| Apple Mac OS X | =10.14.6-security_update_2020-001 | |
| Apple Mac OS X | =10.14.6-security_update_2020-002 | |
| Apple Mac OS X | =10.14.6-security_update_2020-003 | |
| Apple Mac OS X | =10.14.6-security_update_2020-004 | |
| Apple Mac OS X | =10.14.6-security_update_2020-005 | |
| Apple Mac OS X | =10.14.6-security_update_2020-006 | |
| Apple Mac OS X | =10.14.6-supplemental_update | |
| Apple Mac OS X | =10.14.6-supplemental_update_2 | |
| Apple Mac OS X | =10.15.7 | |
| Apple Mac OS X | =10.15.7-supplemental_update | |
| Apple macOS | >=11.0<11.1.0 | |
| Apple tvOS | <14.0 | |
| Apple watchOS | <7.0 | |
| Apple tvOS | <14.0 | 14.0 |
| Apple iOS | <14.0 | 14.0 |
| Apple iPadOS | <14.0 | 14.0 |
| Apple macOS | <11.0.1 | 11.0.1 |
| Apple macOS | <11.1 | 11.1 |
| Apple Catalina | ||
| Apple Mojave |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT211843 (Advisory)
- https://support.apple.com/en-us/HT211844 (Advisory)
- https://support.apple.com/en-us/HT211850 (Advisory)
- https://support.apple.com/en-us/HT211931 (Advisory)
- https://support.apple.com/en-us/HT212011 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2020-9943
- CVE-2020-9944
- CVE-2020-9960
- CVE-2020-9954
- CVE-2020-9949
- CVE-2020-9999
- CVE-2020-9965
- CVE-2020-9966
- CVE-2020-29629
- CVE-2020-9956
- CVE-2020-9962
- CVE-2020-27931
- CVE-2020-29639
- CVE-2020-9978
- CVE-2020-36521
- CVE-2020-9961
- CVE-2020-9876
- CVE-2020-9955
- CVE-2020-9967
- CVE-2020-9975
- CVE-2020-9976
- CVE-2020-9981
- CVE-2020-9971
- CVE-2020-9941
- CVE-2020-9989
- CVE-2020-9946
- CVE-2020-9993
- CVE-2020-9969
- CVE-2020-9968
- CVE-2020-13434
- CVE-2020-13435
- CVE-2020-9991
- CVE-2020-15358
- CVE-2020-9849
- CVE-2020-13631
- CVE-2020-13630
- CVE-2020-9947
- CVE-2020-9950
- CVE-2020-9951
- CVE-2020-9983
- CVE-2020-9952
- CVE-2020-9979
- CVE-2020-10013
- CVE-2020-9958
- CVE-2020-9773
- CVE-2020-9992
- CVE-2020-9964
- CVE-2019-14899
- CVE-2020-9988
- CVE-2020-13520
- CVE-2020-6147
- CVE-2020-9972
- CVE-2020-9973
- CVE-2020-9996
- CVE-2020-9963
- CVE-2020-9977
- CVE-2020-9959
- CVE-2020-27914
- CVE-2020-27915
- CVE-2020-27903
- CVE-2020-27910
- CVE-2020-27916
- CVE-2020-27906
- CVE-2020-27945
- CVE-2020-27908
- CVE-2020-27909
- CVE-2020-10017
- CVE-2020-9897
- CVE-2020-9883
- CVE-2020-10003
- CVE-2020-27922
- CVE-2020-27937
- CVE-2020-27894
- CVE-2020-36615
- CVE-2021-1790
- CVE-2021-1775
- CVE-2020-27942
- CVE-2020-27952
- CVE-2020-27930
- CVE-2020-27927
- CVE-2020-10002
- CVE-2020-27924
- CVE-2020-27912
- CVE-2020-27923
- CVE-2020-10015
- CVE-2020-27897
- CVE-2020-27907
- CVE-2020-27919
- CVE-2020-27921
- CVE-2020-27904
- CVE-2020-27950
- CVE-2020-9974
- CVE-2020-10016
- CVE-2020-27932
- CVE-2020-27917
- CVE-2020-27920
- CVE-2020-27911
- CVE-2020-10014
- CVE-2020-10010
- CVE-2020-10011
- CVE-2020-13524
- CVE-2020-10004
- CVE-2020-27901
- CVE-2020-27900
- CVE-2019-20838
- CVE-2020-14155
- CVE-2020-10007
- CVE-2020-27896
- CVE-2020-10012
- CVE-2020-10663
- CVE-2020-9945
- CVE-2020-9942
- CVE-2020-9987
- CVE-2021-1803
- CVE-2020-27893
- CVE-2021-1755
- CVE-2020-10005
- CVE-2020-27899
- CVE-2020-10009
- CVE-2020-10008
- CVE-2020-27918
- CVE-2020-27898
- CVE-2020-27935
- CVE-2020-10006
- CVE-2020-27936
- CVE-2020-27941
- CVE-2020-29621
- CVE-2020-29610
- CVE-2020-27948
- CVE-2020-10001
- CVE-2020-27946
- CVE-2020-27943
- CVE-2020-27944
- CVE-2020-29624
- CVE-2020-29608
- CVE-2020-27947
- CVE-2020-29612
- CVE-2020-27939
- CVE-2020-29625
- CVE-2020-29615
- CVE-2020-29616
- CVE-2020-29618
- CVE-2020-29611
- CVE-2020-29617
- CVE-2020-29619
- CVE-2020-27949
- CVE-2020-29620
- CVE-2020-27926
- CVE-2020-29633
- CVE-2020-29614
- CVE-2020-27938
- CVE-2020-29623
- CVE-2020-15969
Frequently Asked Questions
What is CVE-2020-9960?
CVE-2020-9960 is a vulnerability in CoreAudio that allows an attacker to read data beyond the bounds of an array.
How does CVE-2020-9960 affect Apple devices?
CVE-2020-9960 affects Apple devices running various versions of tvOS, iOS, iPadOS, watchOS, macOS Big Sur, Catalina, and Mojave.
What is the severity of CVE-2020-9960?
The severity of CVE-2020-9960 is not provided in the information available.
How can I fix CVE-2020-9960?
To fix CVE-2020-9960, update your Apple device to the latest available version of tvOS, iOS, iPadOS, watchOS, macOS Big Sur, or Catalina.
Where can I find more information about CVE-2020-9960?
You can find more information about CVE-2020-9960 on the Apple support website.
- agent/type
- agent/first-publish-date
- collector/apple-support
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/author
- agent/references
- agent/weakness
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- alias/CVE-2020-27909
- alias/CVE-2020-9960
- agent/tags
- agent/softwarecombine
- agent/source
- vendor/apple
- canonical/apple watchos
- canonical/apple ipados
- canonical/apple iphone os
- canonical/apple mac os x
- version/apple mac os x/10.14
- version/apple mac os x/10.15
- version/apple mac os x/10.14.6
- version/apple mac os x/10.14.6-security_update_2019-001
- version/apple mac os x/10.14.6-security_update_2019-002
- version/apple mac os x/10.14.6-security_update_2020-001
- version/apple mac os x/10.14.6-security_update_2020-002
- version/apple mac os x/10.14.6-security_update_2020-003
- version/apple mac os x/10.14.6-security_update_2020-004
- version/apple mac os x/10.14.6-security_update_2020-005
- version/apple mac os x/10.14.6-security_update_2020-006
- version/apple mac os x/10.14.6-supplemental_update
- version/apple mac os x/10.14.6-supplemental_update_2
- version/apple mac os x/10.15.7
- version/apple mac os x/10.15.7-supplemental_update
- canonical/apple macos
- version/apple macos/11.0
- canonical/apple tvos
- canonical/apple ios
- canonical/apple catalina
- canonical/apple mojave