CVE-2020-9819

MEDIUM KEV

Apple Ipados < 13.5 - Out-of-Bounds Write

Title source: rule

Description

A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5, watchOS 5.3.7. Processing a maliciously crafted mail message may lead to heap corruption.

References (5)

[Release Notes, Vendor Advisory] https://support.apple.com/HT211168

[Release Notes, Vendor Advisory] https://support.apple.com/HT211169

[Release Notes, Vendor Advisory] https://support.apple.com/HT211175

[Release Notes, Vendor Advisory] https://support.apple.com/HT211176

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-9819

Scores

CVSS v3 4.3

EPSS 0.0061

EPSS Percentile 69.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Details

CISA KEV 2021-11-03

VulnCheck KEV 2020-04-22

InTheWild.io 2021-07-23

ENISA EUVD EUVD-2020-30598

CWE

CWE-787

Status published

Products (3)

apple/ipados < 13.5

apple/iphone_os < 12.4.7

apple/watchos < 5.3.7

Published Jun 09, 2020

KEV Added Nov 03, 2021

Tracked Since Feb 18, 2026