CVE-2020-9844

HIGH

Apple Ipados < 13.5 - Double Free

Title source: rule

Description

A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.

References (2)

[Vendor Advisory] https://support.apple.com/HT211168

[Vendor Advisory] https://support.apple.com/HT211170

Scores

CVSS v3 7.5

EPSS 0.0053

EPSS Percentile 66.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-415

Status published

Affected Products (24)

apple/ipados < 13.5

apple/iphone_os < 13.5

apple/mac_os_x < 10.13.6

apple/mac_os_x

... and 9 more

Timeline

Published Jun 09, 2020

Tracked Since Feb 18, 2026