CVE-2020-9891

Summary

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AppleiOSunspecified < iOS 13.6 and iPadOS 13.6affected
ApplemacOSunspecified < macOS Catalina 10.15.6affected
AppletvOSunspecified < tvOS 13.4.8affected
ApplewatchOSunspecified < watchOS 6.2.8affected

Weaknesses

  • Processing a maliciously crafted audio file may lead to arbitrary code execution

ADP Enrichment

CVE Program Container

Additional References

References