CyberSec.Space Logo
Back to CVE Browser

CVE-2020-9907

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score66.5980%
EPSS Percentile97.19th
PublishedOct 16, 2020
Last ModifiedOct 23, 2025

Vulnerability Description

A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be able to execute arbitrary code with kernel privileges.

Affected Platforms (CPE)

πŸ’»
Apple

Ipados

< 13.6
πŸ’»
Apple

Iphone Os

< 13.6
πŸ’»
Apple

Tvos

< 13.4.8

References & Advisories

πŸ”— https://support.apple.com/HT211288
πŸ”— https://support.apple.com/HT211290
πŸ”— https://support.apple.com/HT211288
πŸ”— https://support.apple.com/HT211290
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-9907

Related Vulnerabilities

CVE-2019-877910.0

A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions...

CVE-2020-39109.8

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10....

CVE-2020-39099.8

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10....

CVE-2020-39119.8

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10....