Severity Rating: High
Software Affected
· Apple iOS and iPadOS versions prior to 13.5.1
· Apple macOS High Sierra version prior to 10.13.6
· Apple macOS Catalina version prior to 10.15.5
· Apple tvOS version prior to 13.4.6
· Apple watchOS version prior to 6.2.6
Overview
Privilege escalation vulnerability has been reported in various Apple
operating systems which could allow a local attacker to gain privileges on
the targeted system.
Description (CVE-2020-9859)
A vulnerability exists in Apple macOS Catalina, macOS High Sierra, iOS,
iPadOS, tvOS and watchOS that could allow an attacker to gain elevated
privileges. This vulnerability exists due to improper memory handling. An
attacker could exploit this vulnerability by using a specially-crafted
application.
Successful exploitation of this vulnerability could allow the attacker to
execute arbitrary code with kernel privileges.
Solution:
Apply appropriate security updates as mentioned in the Apple Security
Updates
Vendor Information:
Apple
References:
Apple
CVE Name
CVE-2020-9859
About Cert Advisory
We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.