CVE-2020-9844

HIGH

iPadOS < 13.5 - Use-After-Free

Title source: llm

Description

A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.

References (2)

Core 2

Core References

Vendor Advisory x_refsource_misc

https://support.apple.com/HT211168

Vendor Advisory x_refsource_misc

https://support.apple.com/HT211170

Scores

CVSS v3 7.5

EPSS 0.0177

EPSS Percentile 75.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-415

Status published

Products (5)

apple/ipados < 13.5

apple/iphone_os < 13.5

apple/mac_os_x 10.13.6 (12 CPE variants)

apple/mac_os_x 10.14.6 (9 CPE variants)

apple/mac_os_x 10.13 - 10.13.6

Published Jun 09, 2020

Tracked Since Feb 18, 2026