Vulnerability CVE-2020-3899
Published: 2020-04-01

Description:
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.

Type:

CWE-400

 (Uncontrolled Resource Consumption ('Resource Exhaustion'))

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9.3/10
10/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Apple -> Icloud 
Apple -> Itunes 
Apple -> Safari 
Apple -> Ipad os 
Apple -> Iphone os 
Apple -> TVOS 

 References:
https://support.apple.com/HT211101
https://support.apple.com/HT211102
https://support.apple.com/HT211104
https://support.apple.com/HT211105
https://support.apple.com/HT211106
https://support.apple.com/HT211107
Copyright 2024, cxsecurity.com

 

Back to Top