What is CVE-2020-9971?

CVE-2020-9971 is a vulnerability in libxpc that was addressed with improved validation.

Who is affected by CVE-2020-9971?

Users of Apple watchOS 7.0, macOS Big Sur 11.0.1, iOS 14.0, iPadOS 14.0, and tvOS 14.0 are affected by CVE-2020-9971.

What is the severity of CVE-2020-9971?

The severity of CVE-2020-9971 is not specified in the provided information.

How do I fix CVE-2020-9971?

To fix CVE-2020-9971, it is recommended to update to the latest version of Apple watchOS, macOS Big Sur, iOS, iPadOS, or tvOS depending on the affected software.

Where can I find more information about CVE-2020-9971?

You can find more information about CVE-2020-9971 on the Apple support website. For watchOS, visit: [https://support.apple.com/en-us/HT211843](https://support.apple.com/en-us/HT211843) For macOS Big Sur, visit: [https://support.apple.com/en-us/HT211844](https://support.apple.com/en-us/HT211844) For iOS, visit: [https://support.apple.com/en-us/HT211850](https://support.apple.com/en-us/HT211850) For iPadOS, visit: [https://support.apple.com/en-us/HT211850](https://support.apple.com/en-us/HT211850) For tvOS, visit: [https://support.apple.com/en-us/HT211850](https://support.apple.com/en-us/HT211850)

Vulnerability/
CVE-2020-9971

high

7.8

16/9/2020

2/4/2021

4/8/2024

CVE-2020-9971

First published: Wed Sep 16 2020(Updated: )

A logic issue was addressed with improved validation. This issue is fixed in watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.0.1. A malicious application may be able to elevate privileges.

Credit: Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Tencent Security Xuanwu Lab product-security@apple.com

Affected Software	Affected Version	How to fix
Apple iPadOS	<14.0
Apple iPhone OS	<14.0
Apple macOS	>=11.0<11.0.1
Apple tvOS	<14.0
Apple watchOS	<7.0
Apple iOS	<14.0	14.0
Apple iPadOS	<14.0	14.0
Apple macOS Big Sur	<11.0.1	11.0.1
Apple watchOS	<7.0	7.0
Apple tvOS	<14.0	14.0

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT211843 (Advisory)
https://support.apple.com/en-us/HT211844 (Advisory)
https://support.apple.com/en-us/HT211850 (Advisory)
https://support.apple.com/en-us/HT211931 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2020-27914
CVE-2020-27915
CVE-2020-27903
CVE-2020-27910
CVE-2020-27916
CVE-2020-9943
CVE-2020-9944
CVE-2020-27906
CVE-2020-27945
CVE-2020-27908
CVE-2020-27909
CVE-2020-9960
CVE-2020-10017
CVE-2020-9949
CVE-2020-9897
CVE-2020-9883
CVE-2020-10003
CVE-2020-27922
CVE-2020-9999
CVE-2020-27937
CVE-2020-9965
CVE-2020-9966
CVE-2020-27894
CVE-2020-36615
CVE-2021-1790
CVE-2021-1775
CVE-2020-29629
CVE-2020-27942
CVE-2020-9962
CVE-2020-27952
CVE-2020-9956
CVE-2020-27931
CVE-2020-27930
CVE-2020-27927
CVE-2020-29639
CVE-2020-10002
CVE-2020-9978
CVE-2020-9955
CVE-2020-27924
CVE-2020-27912
CVE-2020-27923
CVE-2020-9876
CVE-2020-10015
CVE-2020-27897
CVE-2020-27907
CVE-2020-27919
CVE-2020-9967
CVE-2020-9975
CVE-2020-27921
CVE-2020-27904
CVE-2019-14899
CVE-2020-27950
CVE-2020-9974
CVE-2020-10016
CVE-2020-27932
CVE-2020-27917
CVE-2020-27920
CVE-2020-27911
CVE-2020-9971
CVE-2020-10014
CVE-2020-10010
CVE-2020-9941
CVE-2020-9988
CVE-2020-9989
CVE-2020-10011
CVE-2020-13524
CVE-2020-10004
CVE-2020-9996
CVE-2020-27901
CVE-2020-27900
CVE-2019-20838
CVE-2020-14155
CVE-2020-10007
CVE-2020-27896
CVE-2020-9963
CVE-2020-10012
CVE-2020-10663
CVE-2020-9945
CVE-2020-9977
CVE-2020-9942
CVE-2020-9987
CVE-2021-1803
CVE-2020-9969
CVE-2020-27893
CVE-2021-1755
CVE-2020-10005
CVE-2020-9991
CVE-2020-9849
CVE-2020-15358
CVE-2020-13631
CVE-2020-13434
CVE-2020-13435
CVE-2020-13630
CVE-2020-27899
CVE-2020-10009
CVE-2020-10008
CVE-2020-27918
CVE-2020-9947
CVE-2020-9950
CVE-2020-27898
CVE-2020-27935
CVE-2020-10006
CVE-2020-9954
CVE-2020-36521
CVE-2020-9961
CVE-2020-9976
CVE-2020-9981
CVE-2020-9946
CVE-2020-9993
CVE-2020-9968
CVE-2020-9951
CVE-2020-9983
CVE-2020-9952
CVE-2020-9979
CVE-2020-10013
CVE-2020-9958
CVE-2020-9773
CVE-2020-9992
CVE-2020-9964
CVE-2020-13520
CVE-2020-6147
CVE-2020-9972
CVE-2020-9973
CVE-2020-9959

Frequently Asked Questions

What is CVE-2020-9971?
CVE-2020-9971 is a vulnerability in libxpc that was addressed with improved validation.
Who is affected by CVE-2020-9971?
Users of Apple watchOS 7.0, macOS Big Sur 11.0.1, iOS 14.0, iPadOS 14.0, and tvOS 14.0 are affected by CVE-2020-9971.
What is the severity of CVE-2020-9971?
The severity of CVE-2020-9971 is not specified in the provided information.
How do I fix CVE-2020-9971?
To fix CVE-2020-9971, it is recommended to update to the latest version of Apple watchOS, macOS Big Sur, iOS, iPadOS, or tvOS depending on the affected software.
Where can I find more information about CVE-2020-9971?
You can find more information about CVE-2020-9971 on the Apple support website. For watchOS, visit: [https://support.apple.com/en-us/HT211843](https://support.apple.com/en-us/HT211843) For macOS Big Sur, visit: [https://support.apple.com/en-us/HT211844](https://support.apple.com/en-us/HT211844) For iOS, visit: [https://support.apple.com/en-us/HT211850](https://support.apple.com/en-us/HT211850) For iPadOS, visit: [https://support.apple.com/en-us/HT211850](https://support.apple.com/en-us/HT211850) For tvOS, visit: [https://support.apple.com/en-us/HT211850](https://support.apple.com/en-us/HT211850)

agent/references
agent/type
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
collector/apple-support
agent/software-canonical-lookup-request
collector/nvd-index
agent/author
agent/severity
agent/tags
agent/event
agent/description
collector/mitre-cve
source/MITRE
vendor/apple
canonical/apple macos big sur
canonical/apple watchos
canonical/apple ipados
canonical/apple iphone os
canonical/apple macos
version/apple macos/11.0
canonical/apple tvos
canonical/apple ios