5
CVSSv2

CVE-2020-9914

Published: 16/10/2020 Updated: 20/10/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Apple tvOS could allow a local malicious user to execute arbitrary code on the system, caused by an input validation issue in Bluetooth in the iAP component. By using a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple ipad os

apple iphone os

apple tvos

Vendor Advisories

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page Apple security documents reference vulnerabilities by CVE-ID when possible ...

Mailing Lists

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-07-15-1 iOS 136 and iPadOS 136 iOS 136 and iPadOS 136 are now available and address the following: Audio Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted audio file may lead to a ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-07-15-3 tvOS 1348 tvOS 1348 is now available and addresses the following: Audio Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved ...

Recent Articles

The Register

Apple has released a fresh batch of software security updates for its flagship devices.
The July 15 security refresh from Cupertino includes fixes for bugs in iOS, macOS, tvOS, and WatchOS: basically every hardware product from the Cupertino giant. Given the massive patch overload this week, it's a good time to bury bad news.
For iOS and iPadOS the 13.6 update includes fixes for 29 CVE-listed vulnerabilities, 10 involving arbitrary code execution.
Four of those code execution f...