Login Sign Up

CVE-2020-3837

7.8 HIGH

📋 TL;DR

This is a memory corruption vulnerability in Apple operating systems that allows an application to execute arbitrary code with kernel privileges. It affects iOS, iPadOS, macOS, tvOS, and watchOS. Attackers could gain complete control over affected devices.

💻 Affected Systems

Products:
  • iOS
  • iPadOS
  • macOS
  • tvOS
  • watchOS
Versions: Versions prior to iOS 13.3.1, iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2
Operating Systems: iOS, iPadOS, macOS, tvOS, watchOS
Default Config Vulnerable: ⚠️ Yes
Notes: All devices running affected versions are vulnerable by default. No special configuration required.

📦 What is this software?

Ipados by Apple

View all CVEs affecting Ipados →

Iphone Os by Apple

View all CVEs affecting Iphone Os →

Mac Os X by Apple

View all CVEs affecting Mac Os X →

Tvos by Apple

View all CVEs affecting Tvos →

Watchos by Apple

View all CVEs affecting Watchos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full device compromise with kernel-level privileges, allowing installation of persistent malware, data theft, and complete system control.

🟠

Likely Case

Targeted attacks against high-value individuals or organizations to install spyware or ransomware.

🟢

If Mitigated

Limited impact if devices are fully patched and have security controls like app sandboxing and code signing enforcement.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires a malicious application to be installed on the device. No public exploit code is known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: iOS 13.3.1, iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2

Vendor Advisory: https://support.apple.com/HT210918

Restart Required: Yes

Instructions:

1. Go to Settings > General > Software Update on iOS/iPadOS/watchOS. 2. For macOS, go to System Preferences > Software Update. 3. For tvOS, go to Settings > System > Software Updates. 4. Download and install the latest update. 5. Restart the device after installation.

🔧 Temporary Workarounds

Application Restriction

all

Restrict installation of untrusted applications to reduce attack surface.

🧯 If You Can't Patch

  • Isolate affected devices from critical networks and sensitive data.
  • Implement strict application allowlisting to prevent malicious app installation.

🔍 How to Verify

Check if Vulnerable:

Check the operating system version against the affected versions listed above.

Check Version:

iOS/iPadOS/watchOS: Settings > General > About > Version. macOS: Apple menu > About This Mac. tvOS: Settings > General > About.

Verify Fix Applied:

Verify the device is running iOS 13.3.1+, iPadOS 13.3.1+, macOS Catalina 10.15.3+, tvOS 13.3.1+, or watchOS 6.1.2+.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected kernel panics or crashes
  • Unusual process spawning with elevated privileges

Network Indicators:

  • Unusual outbound connections from Apple devices to unknown IPs

SIEM Query:

source="apple-device-logs" AND (event_type="kernel_panic" OR process_privilege="kernel")

📊 Metadata

CVE ID: CVE-2020-3837
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-787
Published: February 27, 2020
Last Updated: October 23, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-3837, you might also want to check these:

CVE-2019-5684 10.0

This vulnerability in NVIDIA Windows GPU Display Drivers allows specially crafted DirectX shaders to...

Same vulnerability type (CWE-787)
CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2019-5049 10.0

This vulnerability allows an attacker to execute arbitrary code on systems with vulnerable AMD graph...

Same vulnerability type (CWE-787)