CVE-2020-9878

Summary

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AppleiOSunspecified < iOS 13.6 and iPadOS 13.6affected
ApplemacOSunspecified < macOS Catalina 10.15.6affected
AppletvOSunspecified < tvOS 13.4.8affected
ApplewatchOSunspecified < watchOS 6.2.8affected

Weaknesses

  • Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution

ADP Enrichment

CVE Program Container

Additional References

References