CVE-2020-9966

HIGH

Apple Ipados < 14.0 - Out-of-Bounds Read

Title source: rule
STIX 2.1

Description

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrary code with kernel privileges.

References (5)

Core 5
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT211843
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT211850
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT211844
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT211931
Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2020/Dec/32

Scores

CVSS v3 7.8
EPSS 0.0079
EPSS Percentile 74.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-125
Status published
Products (5)
apple/ipados < 14.0
apple/iphone_os < 14.0
apple/mac_os_x < 11.0.1
apple/tvos < 14.0
apple/watchos < 7.0
Published Dec 08, 2020
Tracked Since Feb 18, 2026