CVE-2020-9794 – CVE-2020-9794 is an out-of-bounds read vulnerab... (How to Fix)

Q: What is the severity of CVE-2020-9794?

CVE-2020-9794 has a CVSS score of 8.1 (HIGH). CVE-2020-9794 is an out-of-bounds read vulnerability in multiple Apple operating systems and applications. A malicious application could exploit this to cause denial of service or potentially leak sensitive memory contents. Affected systems include iOS, iPadOS, macOS, tvOS, watchOS, iTunes for Windows, and iCloud for Windows.

📋 TL;DR

CVE-2020-9794 is an out-of-bounds read vulnerability in multiple Apple operating systems and applications. A malicious application could exploit this to cause denial of service or potentially leak sensitive memory contents. Affected systems include iOS, iPadOS, macOS, tvOS, watchOS, iTunes for Windows, and iCloud for Windows.

💻 Affected Systems

Products:

iOS
iPadOS
macOS Catalina
tvOS
watchOS
iTunes for Windows
iCloud for Windows

Versions: Versions prior to iOS 13.5, iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7, iCloud for Windows 11.2/7.19

Operating Systems: iOS, iPadOS, macOS, tvOS, watchOS, Windows

Default Config Vulnerable: ⚠️ Yes

Notes: All default installations of affected versions are vulnerable. Requires malicious application execution.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Memory disclosure could expose sensitive information like passwords, encryption keys, or other application data to an attacker.

🟠

Likely Case

Denial of service causing application or system crashes, disrupting normal operations.

🟢

If Mitigated

Limited impact with proper application sandboxing and memory protection controls in place.

🌐 Internet-Facing: LOW - Requires local application execution, not directly exploitable over network.

🏢 Internal Only: MEDIUM - Malicious applications could be installed by users with local access or through social engineering.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires user to install and execute malicious application. No public exploit code available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: iOS 13.5, iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7, iCloud for Windows 11.2/7.19

Vendor Advisory: https://support.apple.com/HT211168

Restart Required: Yes

Instructions:

1. Open Settings/System Preferences. 2. Navigate to Software Update. 3. Download and install the latest available update. 4. Restart the device when prompted.

🔧 Temporary Workarounds

Application Control

all

Restrict installation of untrusted applications through MDM policies or user education.

🧯 If You Can't Patch

Implement strict application whitelisting policies
Educate users about risks of installing untrusted applications

🔍 How to Verify

Check if Vulnerable:

Check current OS/application version against affected versions list.

Check Version:

iOS/iPadOS: Settings > General > About > Version. macOS: Apple menu > About This Mac. Windows: Application Help > About.

Verify Fix Applied:

Verify installed version matches or exceeds patched versions listed in fix_official.

📡 Detection & Monitoring

Log Indicators:

Application crash logs with memory access violations
Unexpected process termination

SIEM Query:

EventID=1000 OR EventID=1001 (Windows Application Crashes) OR syslog messages containing 'segmentation fault' or 'bus error'

📊 Metadata

CVE ID: CVE-2020-9794

CVSS v3 Score: 8.1 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

CWE: CWE-125

Published: June 9, 2020

Last Updated: November 21, 2024

🔗 References

https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
https://support.apple.com/HT211168 Release Notes,Vendor Advisory
https://support.apple.com/HT211170 Release Notes,Vendor Advisory
https://support.apple.com/HT211171 Release Notes,Vendor Advisory
https://support.apple.com/HT211175 Release Notes,Vendor Advisory
https://support.apple.com/HT211178 Release Notes,Vendor Advisory
https://support.apple.com/HT211179 Release Notes,Vendor Advisory
https://support.apple.com/HT211181 Release Notes,Vendor Advisory
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
https://support.apple.com/HT211168 Release Notes,Vendor Advisory
https://support.apple.com/HT211170 Release Notes,Vendor Advisory
https://support.apple.com/HT211171 Release Notes,Vendor Advisory
https://support.apple.com/HT211175 Release Notes,Vendor Advisory
https://support.apple.com/HT211178 Release Notes,Vendor Advisory
https://support.apple.com/HT211179 Release Notes,Vendor Advisory
https://support.apple.com/HT211181 Release Notes,Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-9794, you might also want to check these: