VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202006-1643 CVE-2020-9855 macOS Catalina In symlinks Vulnerability of processing verification deficiency CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.5. A local attacker may be able to elevate their privileges. macOS Catalina Due to a flaw in the verification of symbolic links symlinks There is a processing verification vulnerability.A local attacker could elevate privileges. Apple macOS Catalina is a set of dedicated operating systems developed by Apple for Mac computers. Find My is one of the components that supports tracking the location of Apple devices. A security vulnerability exists in the Find My component of Apple macOS Catalina versions prior to 10.15.5
VAR-202006-1642 CVE-2020-9852 plural Apple Integer overflow vulnerability in product CVSS V2: 9.3
CVSS V3: 7.8
Severity: HIGH
An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple macOS Catalina is a dedicated operating system developed for Mac computers. Kernel is one of the kernel components. Kernel components in several Apple products have security vulnerabilities. The following products and versions are affected: Apple iOS prior to 13.5; iPadOS prior to 13.5; macOS Catalina prior to 10.15.5; tvOS prior to 13.4.5; watchOS prior to 6.2.5
VAR-202006-1641 CVE-2020-9851 macOS Catalina Access vulnerabilities in CVSS V2: 4.3
CVSS V3: 5.5
Severity: MEDIUM
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to modify protected parts of the file system. Apple macOS Catalina is a set of dedicated operating systems developed by Apple for Mac computers. PackageKit is one of the open source application software suites, which is mainly used for the installation and upgrade of Linux software. A security vulnerability exists in the PackageKit component of Apple macOS Catalina versions prior to 10.15.5
VAR-202006-1658 CVE-2020-9813 plural Apple Logic vulnerabilities in the product CVSS V2: 9.3
CVSS V3: 7.8
Severity: HIGH
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple macOS Catalina is a dedicated operating system developed for Mac computers. Kernel is one of the kernel components. Kernel components in several Apple products have security vulnerabilities. The following products and versions are affected: Apple iOS prior to 13.5; iPadOS prior to 13.5; macOS Catalina prior to 10.15.5; tvOS prior to 13.4.5; watchOS prior to 6.2.5. CVE-2020-9842: Linus Henze (pinauten.de) AppleUSBNetworking Available for: macOS Catalina 10.15.4 Impact: Inserting a USB device that sends invalid messages may cause a kernel panic Description: A logic issue was addressed with improved restrictions. CVE-2020-9831: Yu Wang of Didi Research America Calendar Available for: macOS Catalina 10.15.4 Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information Description: This issue was addressed with improved checks. CVE-2020-9847: Zhuo Liang of Qihoo 360 Vulcan Team Find My Available for: macOS Catalina 10.15.4 Impact: A local attacker may be able to elevate their privileges Description: A validation issue existed in the handling of symlinks. CVE-2020-9809: Benjamin Randazzo (@____benjamin) ksh Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to execute arbitrary shell commands Description: An issue existed in the handling of environment variables. CVE-2019-14868 NSURL Available for: macOS Mojave 10.14.6 Impact: A malicious website may be able to exfiltrate autofilled data in Safari Description: An issue existed in the parsing of URLs. CVE-2020-9825: Sreejith Krishnan R (@skr0x1C0) Security Available for: macOS Catalina 10.15.4 Impact: A file may be incorrectly rendered to execute JavaScript Description: A validation issue was addressed with improved input sanitization. CVE-2020-9841: ABC Research s.r.o. Installation note: macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ -----BEGIN PGP SIGNATURE----- Version: BCPG v1.64 iQIcBAEDCAAGBQJezZcfAAoJEAc+Lhnt8tDNIQYP/0YN+/T85WC7RJjAlRrUDduD ZO0e76d2C1jNgZWsYmXnrEPwfRYAEPLcKgb/SxAlwlRNFqex9CNu2sD1aA3GZBIO MaektARuncqh06rl8BjbakS4HQs675vUEjoJS9H2d0pq2dSEIjOtH1agJwtGIeNS wHBFlUnQzI42hurYeq7fxRdiByf+Z3mKEBt6wlVtaWjqcMfG9sroj9H58RLiqSNm VNfU4eZNPrG49kbTf4IC2JvvKg18hrUZqIcjbV/56+kPBl4+USIxh/5ECJHV/cDD BEe64M2I1LiY0lq6neoOeHvBiiIvUq9EUW2PBnfcbo3V1D35mm6td+WnO3Buqo6f EEkjfIwtq7fI10ZPYYjiUayrQyfqmM3x14JcxDsHzlerT6NNRTg3g2ls0seQK9Lt 8IDbkrseOR0JFukR1njC+cAk4RbDFue5cUJK6Js1nGvFwLN0kHFIhh9jFKgccgH7 bKSLDAdB+kSxBOshDDmYyNS+KRzXEWIsBU8ZbNAbRDANWqm4lcPffKWcG7zIdiMQ JLUclRURf35AoFmJ0F1BZSRzFuHr1Dvh23SjNK7H9i/mD05+rY6esh5ZKco+6Yqe pW/EOXEAs/J06xUytABH3SkFmQSzlIPuFrXa8qAskHhFp/E8yLehyefoY+AZJjal sLrLBIOxQCTskSFoExP8 =2eah -----END PGP SIGNATURE----- . Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-05-26-1 iOS 13.5 and iPadOS 13.5 iOS 13.5 and iPadOS 13.5 address the following: Accounts Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2020-9827: Jannik Lorenz of SEEMOO @ TU Darmstadt AirDrop Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2020-9826: Dor Hadad of Palo Alto Networks AppleMobileFileIntegrity Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to use arbitrary entitlements Description: This issue was addressed with improved checks. CVE-2020-9842: Linus Henze (pinauten.de) Audio Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9815: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative Audio Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9791: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative Bluetooth Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic Description: An issue existed with the use of a PRNG with low entropy. CVE-2020-6616: Jörn Tillmanns (@matedealer) and Jiska Classen (@naehrdine) of Secure Mobile Networking Lab Bluetooth Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9838: Dennis Heinze (@ttdennis) of TU Darmstadt, Secure Mobile Networking Lab CoreText Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted text message may lead to application denial of service Description: A validation issue was addressed with improved input sanitization. CVE-2020-9829: Aaron Perris (@aaronp613), an anonymous researcher, an anonymous researcher, Carlos S Tech, Sam Menzies of Sam’s Lounge, Sufiyan Gouri of Lovely Professional University, India, Suleman Hasan Rathor of Arabic-Classroom.com FaceTime Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A user’s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing Description: An issue existed in the pausing of FaceTime video. CVE-2020-9835: Olivier Levesque (@olilevesque) File System Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to modify the file system Description: A logic issue was addressed with improved restrictions. CVE-2020-9820: Thijs Alkemade of Computest FontParser Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9816: Peter Nguyen Vu Hoang of STAR Labs working with Trend Micro Zero Day Initiative ImageIO Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-3878: Samuel Groß of Google Project Zero ImageIO Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9789: Wenchao Li of VARAS@IIE CVE-2020-9790: Xingwei Lin of Ant-financial Light-Year Security Lab IPSec Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9837: Thijs Alkemade of Computest Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-9821: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to determine another application's memory layout Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2020-9797: an anonymous researcher Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed through improved input validation. CVE-2020-9852: Tao Huang and Tielei Wang of Pangu Lab Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9795: Zhuo Liang of Qihoo 360 Vulcan Team Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A memory corruption issue was addressed with improved state management. CVE-2020-9808: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A local user may be able to read kernel memory Description: An information disclosure issue was addressed with improved state management. CVE-2020-9811: Tielei Wang of Pangu Lab CVE-2020-9812: Derrek (@derrekr6) Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A logic issue existed resulting in memory corruption. CVE-2020-9813: Xinru Chi of Pangu Lab CVE-2020-9814: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to determine kernel memory layout Description: An information disclosure issue was addressed with improved state management. CVE-2020-9809: Benjamin Randazzo (@____benjamin) Mail Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted mail message may lead to heap corruption Description: A memory consumption issue was addressed with improved memory handling. CVE-2020-9819: ZecOps.com Mail Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9818: ZecOps.com Messages Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Users removed from an iMessage conversation may still be able to alter state Description: This issue was addressed with improved checks. CVE-2020-9823: Suryansh Mansharamani, student of Community Middle School, Plainsboro, New Jersey Notifications Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A person with physical access to an iOS device may be able to view notification contents from the lockscreen Description: An authorization issue was addressed with improved state management. CVE-2020-9848: Nima Python Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2020-9793 Sandbox Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to bypass Privacy preferences Description: An access issue was addressed with additional sandbox restrictions. CVE-2020-9825: Sreejith Krishnan R (@skr0x1C0) SQLite Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may cause a denial of service or potentially disclose memory contents Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9794 System Preferences Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with improved state handling. CVE-2020-9839: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative USB Audio Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A USB device may be able to cause a denial of service Description: A validation issue was addressed with improved input sanitization. CVE-2020-9792: Andy Davis of NCC Group WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved restrictions. CVE-2020-9805: an anonymous researcher WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A logic issue was addressed with improved restrictions. CVE-2020-9802: Samuel Groß of Google Project Zero WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause arbitrary code execution Description: A logic issue was addressed with improved restrictions. CVE-2020-9850: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: An input validation issue was addressed with improved input validation. CVE-2020-9843: Ryan Pickren (ryanpickren.com) WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2020-9803: Wen Xu of SSLab at Georgia Tech WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2020-9806: Wen Xu of SSLab at Georgia Tech CVE-2020-9807: Wen Xu of SSLab at Georgia Tech WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2020-9800: Brendan Draper (@6r3nd4n) working with Trend Micro Zero Day Initiative WebRTC Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: An access issue was addressed with improved memory management. CVE-2019-20503: Natalie Silvanovich of Google Project Zero Wi-Fi Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: A double free issue was addressed with improved memory management. CVE-2020-9844: Ian Beer of Google Project Zero zsh Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A local attacker may be able to elevate their privileges Description: An authorization issue was addressed with improved state management. CVE-2019-20044: Sam Foxman Additional recognition Bluetooth We would like to acknowledge Maximilian von Tschitschnitz of Technical University Munich and Ludwig Peuckert of Technical University Munich for their assistance. CoreText We would like to acknowledge Jiska Classen (@naehrdine) and Dennis Heinze (@ttdennis) of Secure Mobile Networking Lab for their assistance. Device Analytics We would like to acknowledge Mohamed Ghannam (@_simo36) for their assistance. ImageIO We would like to acknowledge Lei Sun for their assistance. IOHIDFamily We would like to acknowledge Andy Davis of NCC Group for their assistance. Kernel We would like to acknowledge Brandon Azad of Google Project Zero for their assistance. Safari We would like to acknowledge Jeffball of GRIMM and Luke Walker of Manchester Metropolitan University for their assistance. WebKit We would like to acknowledge Aidan Dunlap of UT Austin for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 13.5 and iPadOS 13.5". -----BEGIN PGP SIGNATURE----- Version: BCPG v1.64 iQIcBAEDCAAGBQJezV7MAAoJEAc+Lhnt8tDNdWwP/2NnLRWvziY/ilvylDEczut+ xbSNg719ckFBtvkuXirQdsjfTmW3M/RJXUtjOmRDDEQB0IfmIRkrL49moDLeY0rB tjrsoVQESwYwbnb0xNzC3Oqr0tP3hitxFUpkKd7L0opo5vWhshBwqzWEtLTPxI1X T81DCpYiKDMB57bXgRV26QIFgQpHGXV/bMDCksVc12phempeEldP7t4dueDZy526 kWinK9jlwzViWwSmm5VK0t9IbemAZ56Ca829ZmrkT7XfLRyxw0rb+2f9VcQz/kNe RziJ3RwF2WZTe7yJpz6LV5h3RMo+MoHdVbPCYmcYNPiaHGTMl1POZXkjDHBHCSBY etboXOyZNOsnTMIVNwwXK/aGsKBz6kkfbWODS2omtz5oZjzGdZJLC/nFZC2GG13E Pnb0E5ULmA95poi07gWTy31APilQXfAzGJEOebsvH5s2EZ9HcANqrwtonfHSjeOU ZFH8xfnCTgO37ZgevrjdreD8SYRJR3QfEEf/DDNx2xXgr4wzydgvdyNCI1QpEz5s PS3JQECoBM9SsgXv02mCkNlK1crEqoxYURjcN3UIPGx8GVxtyiWJoEByxAgTtqv8 RPSqKGvPrznR1SxVNrXB2o08X3LUqK0LREABpuD/wbp8Qj8ma2fo3hLpvdoc9+De fSLSaEAmjBkF5c4r1O3P =zOSS -----END PGP SIGNATURE-----
VAR-202006-1638 CVE-2020-9847 macOS Catalina Out-of-bounds read vulnerability in CVSS V2: 6.8
CVSS V3: 8.6
Severity: HIGH
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to break out of its sandbox. macOS Catalina Exists in an out-of-bounds read vulnerability due to a flaw in the handling of bounds checks.It can break the sandbox and run externally through a malicious application. Apple macOS Catalina is a set of dedicated operating systems developed by Apple for Mac computers. DiskArbitration is one of the disk loading and unloading components. A buffer error vulnerability exists in the DiskArbitration component of Apple macOS Catalina prior to 10.15.5
VAR-202006-1637 CVE-2020-9844 plural Apple Product double memory release vulnerability CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple macOS Catalina is a dedicated operating system developed for Mac computers. Wi-Fi is one of the wireless Internet access components. A resource management error vulnerability exists in the Wi-Fi component of Apple iOS versions prior to 13.5, iPadOS versions prior to 13.5, and macOS Catalina versions prior to 10.15.5
VAR-202006-1635 CVE-2020-9842 plural Apple Product vulnerabilities CVSS V2: 5.8
CVSS V3: 7.1
Severity: HIGH
An entitlement parsing issue was addressed with improved parsing. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application could interact with system processes to access private information and perform privileged actions. plural Apple The product contains unspecified vulnerabilities due to imperfect checks.Any entitlement may be used through the application. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple macOS Catalina is a dedicated operating system developed for Mac computers. AppleMobileFileIntegrity is one of the plugins with file integrity checking function. A security vulnerability exists in the AppleMobileFileIntegrity component of several Apple products. The following products and versions are affected: Apple macOS Catalina prior to 10.15.5; iOS prior to 13.5; iPadOS prior to 13.5; tvOS prior to 13.4.5; watchOS prior to 6.2.5
VAR-202006-1634 CVE-2020-9841 macOS Catalina Integer overflow vulnerability in CVSS V2: 9.3
CVSS V3: 7.8
Severity: HIGH
An integer overflow was addressed through improved input validation. This issue is fixed in macOS Catalina 10.15.5. An application may be able to execute arbitrary code with kernel privileges. macOS Catalina Exists in an integer overflow vulnerability due to a flaw in input validation.Kernel privileges can be obtained and arbitrary code can be executed through the application. This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the SkyLight module. Apple macOS Catalina is a set of dedicated operating systems developed by Apple for Mac computers. WindowServer is one of the application window display server components
VAR-202006-1633 CVE-2020-9839 plural Apple Product Race Condition Vulnerabilities CVSS V2: 5.1
CVSS V3: 7.0
Severity: HIGH
A race condition was addressed with improved state handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. An application may be able to gain elevated privileges. plural Apple The product is vulnerable to race conditions due to flawed state handling.Elevated privileges may be obtained through the application. This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the handling of file permisions. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute code in the context of the root. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple macOS Catalina is a dedicated operating system developed for Mac computers. System Preferences is one of the System Preferences components. A race condition issue exists in the System Preferences component in several Apple products. An attacker could exploit this vulnerability to elevate privileges. The following products and versions are affected: Apple iOS prior to 13.5; iPadOS prior to 13.5; macOS Catalina prior to 10.15.5; tvOS prior to 13.4.5; watchOS prior to 6.2.5
VAR-202006-1631 CVE-2020-9837 iOS and iPadOS Out-of-bounds read vulnerability in CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5. A remote attacker may be able to leak memory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-05-26-4 tvOS 13.4.5 tvOS 13.4.5 addresses the following: Accounts Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2020-9827: Jannik Lorenz of SEEMOO @ TU Darmstadt AppleMobileFileIntegrity Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to use arbitrary entitlements Description: This issue was addressed with improved checks. CVE-2020-9842: Linus Henze (pinauten.de) Audio Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9815: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative Audio Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9791: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative CoreText Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted text message may lead to application denial of service Description: A validation issue was addressed with improved input sanitization. CVE-2020-9829: Aaron Perris (@aaronp613), an anonymous researcher, an anonymous researcher, Carlos S Tech, Sam Menzies of Sam’s Lounge, Sufiyan Gouri of Lovely Professional University, India, Suleman Hasan Rathor of Arabic-Classroom.com FontParser Available for: Apple TV 4K and Apple TV HD Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9816: Peter Nguyen Vu Hoang of STAR Labs working with Trend Micro Zero Day Initiative ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-3878: Samuel Groß of Google Project Zero ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9789: Wenchao Li of VARAS@IIE CVE-2020-9790: Xingwei Lin of Ant-financial Light-Year Security Lab IPSec Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9837: Thijs Alkemade of Computest Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-9821: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to determine another application's memory layout Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2020-9797: an anonymous researcher Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed through improved input validation. CVE-2020-9852: Tao Huang and Tielei Wang of Pangu Lab Kernel Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9795: Zhuo Liang of Qihoo 360 Vulcan Team Kernel Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A memory corruption issue was addressed with improved state management. CVE-2020-9808: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: Apple TV 4K and Apple TV HD Impact: A local user may be able to read kernel memory Description: An information disclosure issue was addressed with improved state management. CVE-2020-9811: Tielei Wang of Pangu Lab CVE-2020-9812: Derrek (@derrekr6) Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A logic issue existed resulting in memory corruption. CVE-2020-9813: Xinru Chi of Pangu Lab CVE-2020-9814: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to determine kernel memory layout Description: An information disclosure issue was addressed with improved state management. CVE-2020-9809: Benjamin Randazzo (@____benjamin) Python Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2020-9793 SQLite Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may cause a denial of service or potentially disclose memory contents Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9794 System Preferences Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with improved state handling. CVE-2020-9839: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved restrictions. CVE-2020-9805: an anonymous researcher WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A logic issue was addressed with improved restrictions. CVE-2020-9802: Samuel Groß of Google Project Zero WebKit Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to cause arbitrary code execution Description: A logic issue was addressed with improved restrictions. CVE-2020-9850: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: An input validation issue was addressed with improved input validation. CVE-2020-9843: Ryan Pickren (ryanpickren.com) WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2020-9803: Wen Xu of SSLab at Georgia Tech WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2020-9806: Wen Xu of SSLab at Georgia Tech CVE-2020-9807: Wen Xu of SSLab at Georgia Tech WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2020-9800: Brendan Draper (@6r3nd4n) working with Trend Micro Zero Day Initiative WebRTC Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: An access issue was addressed with improved memory management. CVE-2019-20503: Natalie Silvanovich of Google Project Zero zsh Available for: Apple TV 4K and Apple TV HD Impact: A local attacker may be able to elevate their privileges Description: An authorization issue was addressed with improved state management. CVE-2019-20044: Sam Foxman Additional recognition CoreText We would like to acknowledge Jiska Classen (@naehrdine) and Dennis Heinze (@ttdennis) of Secure Mobile Networking Lab for their assistance. ImageIO We would like to acknowledge Lei Sun for their assistance. IOHIDFamily We would like to acknowledge Andy Davis of NCC Group for their assistance. Kernel We would like to acknowledge Brandon Azad of Google Project Zero for their assistance. Safari We would like to acknowledge Luke Walker of Manchester Metropolitan University for their assistance. WebKit We would like to acknowledge Aidan Dunlap of UT Austin for their assistance. Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." -----BEGIN PGP SIGNATURE----- Version: BCPG v1.64 iQIcBAEDCAAGBQJezV7eAAoJEAc+Lhnt8tDNGUEQAIqcHvrOcVu90wELj4q9d2Z/ LwyOmEKZu0s5QO5d2XuusXQig7etS+hQg4y4IEBc6+FbeHQ6geksjn4CEs0y1hs2 cIQHtXqOes5QRZx4joMGqC6rsS2U+DoSxtsxyKDrzhWCBJdz18JXG/5AdLQn9Zo4 QvUVVwNX61QiFGlUd5lL9QZWrh+FBxgilex7H9YpCVSzcTN5xcbe48zVjhpU/UFn KKKRK15aTzGqhmJ1zhvYUVLal4tfWV52QzWNbUW2UlPGxFORNpYKXCmQILk8eQGj FqIIjGrVcGYPnCDKbMfh24rEilYMzhDrQNg06uokgilPAUXC937lI88+G56Ayl9n ABOK/i04ni1FrmGkwRf/VEW6WV7k3bpXi5UTUZZCplfk19PoH8MIk1wUZ8AzActr lxK5DeHPKAG5Pl3dzkqKT8lQ/9aSozken7yQNz7AIo5Ib1ik88er4uu/SjV5CRka e0t8tkoL8MLIpMqUUpt7j+HgqB/R8VBQ6lBK0Jds2NI84XWXRTHF7UeeVo/BYoTj gdUqhL1B3vdIizxSemmbx70wVoHLU//JONHLJNE6dfGdNWeKHcqKfzZPbXo/4Hq/ ZDNj/cDOJTmChYqvG/Qi7AHlKACWpYMNnRsa6hMt99z24hdvPg2LP4ANf7Gi6Sq6 CnECyJL8Va3625vOipPF =ceKY -----END PGP SIGNATURE-----
VAR-202006-1657 CVE-2020-9812 plural Apple Vulnerabilities that disclose information in products CVSS V2: 7.1
CVSS V3: 5.5
Severity: MEDIUM
An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A local user may be able to read kernel memory. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple macOS Catalina is a dedicated operating system developed for Mac computers. Kernel is one of the kernel components. Kernel components in several Apple products have security vulnerabilities. The following products and versions are affected: Apple iOS prior to 13.5; iPadOS prior to 13.5; macOS Catalina prior to 10.15.5; tvOS prior to 13.4.5; watchOS prior to 6.2.5. CVE-2020-9842: Linus Henze (pinauten.de) AppleUSBNetworking Available for: macOS Catalina 10.15.4 Impact: Inserting a USB device that sends invalid messages may cause a kernel panic Description: A logic issue was addressed with improved restrictions. CVE-2020-9831: Yu Wang of Didi Research America Calendar Available for: macOS Catalina 10.15.4 Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information Description: This issue was addressed with improved checks. CVE-2020-9847: Zhuo Liang of Qihoo 360 Vulcan Team Find My Available for: macOS Catalina 10.15.4 Impact: A local attacker may be able to elevate their privileges Description: A validation issue existed in the handling of symlinks. CVE-2020-9809: Benjamin Randazzo (@____benjamin) ksh Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to execute arbitrary shell commands Description: An issue existed in the handling of environment variables. CVE-2019-14868 NSURL Available for: macOS Mojave 10.14.6 Impact: A malicious website may be able to exfiltrate autofilled data in Safari Description: An issue existed in the parsing of URLs. CVE-2020-9825: Sreejith Krishnan R (@skr0x1C0) Security Available for: macOS Catalina 10.15.4 Impact: A file may be incorrectly rendered to execute JavaScript Description: A validation issue was addressed with improved input sanitization. CVE-2020-9841: ABC Research s.r.o. Installation note: macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ -----BEGIN PGP SIGNATURE----- Version: BCPG v1.64 iQIcBAEDCAAGBQJezZcfAAoJEAc+Lhnt8tDNIQYP/0YN+/T85WC7RJjAlRrUDduD ZO0e76d2C1jNgZWsYmXnrEPwfRYAEPLcKgb/SxAlwlRNFqex9CNu2sD1aA3GZBIO MaektARuncqh06rl8BjbakS4HQs675vUEjoJS9H2d0pq2dSEIjOtH1agJwtGIeNS wHBFlUnQzI42hurYeq7fxRdiByf+Z3mKEBt6wlVtaWjqcMfG9sroj9H58RLiqSNm VNfU4eZNPrG49kbTf4IC2JvvKg18hrUZqIcjbV/56+kPBl4+USIxh/5ECJHV/cDD BEe64M2I1LiY0lq6neoOeHvBiiIvUq9EUW2PBnfcbo3V1D35mm6td+WnO3Buqo6f EEkjfIwtq7fI10ZPYYjiUayrQyfqmM3x14JcxDsHzlerT6NNRTg3g2ls0seQK9Lt 8IDbkrseOR0JFukR1njC+cAk4RbDFue5cUJK6Js1nGvFwLN0kHFIhh9jFKgccgH7 bKSLDAdB+kSxBOshDDmYyNS+KRzXEWIsBU8ZbNAbRDANWqm4lcPffKWcG7zIdiMQ JLUclRURf35AoFmJ0F1BZSRzFuHr1Dvh23SjNK7H9i/mD05+rY6esh5ZKco+6Yqe pW/EOXEAs/J06xUytABH3SkFmQSzlIPuFrXa8qAskHhFp/E8yLehyefoY+AZJjal sLrLBIOxQCTskSFoExP8 =2eah -----END PGP SIGNATURE----- . Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-05-26-1 iOS 13.5 and iPadOS 13.5 iOS 13.5 and iPadOS 13.5 address the following: Accounts Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2020-9827: Jannik Lorenz of SEEMOO @ TU Darmstadt AirDrop Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2020-9826: Dor Hadad of Palo Alto Networks AppleMobileFileIntegrity Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to use arbitrary entitlements Description: This issue was addressed with improved checks. CVE-2020-9842: Linus Henze (pinauten.de) Audio Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9815: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative Audio Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9791: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative Bluetooth Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic Description: An issue existed with the use of a PRNG with low entropy. CVE-2020-6616: Jörn Tillmanns (@matedealer) and Jiska Classen (@naehrdine) of Secure Mobile Networking Lab Bluetooth Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9838: Dennis Heinze (@ttdennis) of TU Darmstadt, Secure Mobile Networking Lab CoreText Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted text message may lead to application denial of service Description: A validation issue was addressed with improved input sanitization. CVE-2020-9829: Aaron Perris (@aaronp613), an anonymous researcher, an anonymous researcher, Carlos S Tech, Sam Menzies of Sam’s Lounge, Sufiyan Gouri of Lovely Professional University, India, Suleman Hasan Rathor of Arabic-Classroom.com FaceTime Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A user’s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing Description: An issue existed in the pausing of FaceTime video. CVE-2020-9835: Olivier Levesque (@olilevesque) File System Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to modify the file system Description: A logic issue was addressed with improved restrictions. CVE-2020-9820: Thijs Alkemade of Computest FontParser Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9816: Peter Nguyen Vu Hoang of STAR Labs working with Trend Micro Zero Day Initiative ImageIO Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-3878: Samuel Groß of Google Project Zero ImageIO Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9789: Wenchao Li of VARAS@IIE CVE-2020-9790: Xingwei Lin of Ant-financial Light-Year Security Lab IPSec Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9837: Thijs Alkemade of Computest Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-9821: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to determine another application's memory layout Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2020-9797: an anonymous researcher Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed through improved input validation. CVE-2020-9852: Tao Huang and Tielei Wang of Pangu Lab Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9795: Zhuo Liang of Qihoo 360 Vulcan Team Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A memory corruption issue was addressed with improved state management. CVE-2020-9808: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A local user may be able to read kernel memory Description: An information disclosure issue was addressed with improved state management. CVE-2020-9811: Tielei Wang of Pangu Lab CVE-2020-9812: Derrek (@derrekr6) Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A logic issue existed resulting in memory corruption. CVE-2020-9813: Xinru Chi of Pangu Lab CVE-2020-9814: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to determine kernel memory layout Description: An information disclosure issue was addressed with improved state management. CVE-2020-9809: Benjamin Randazzo (@____benjamin) Mail Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted mail message may lead to heap corruption Description: A memory consumption issue was addressed with improved memory handling. CVE-2020-9819: ZecOps.com Mail Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9818: ZecOps.com Messages Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Users removed from an iMessage conversation may still be able to alter state Description: This issue was addressed with improved checks. CVE-2020-9823: Suryansh Mansharamani, student of Community Middle School, Plainsboro, New Jersey Notifications Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A person with physical access to an iOS device may be able to view notification contents from the lockscreen Description: An authorization issue was addressed with improved state management. CVE-2020-9848: Nima Python Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2020-9793 Sandbox Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to bypass Privacy preferences Description: An access issue was addressed with additional sandbox restrictions. CVE-2020-9825: Sreejith Krishnan R (@skr0x1C0) SQLite Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may cause a denial of service or potentially disclose memory contents Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9794 System Preferences Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with improved state handling. CVE-2020-9839: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative USB Audio Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A USB device may be able to cause a denial of service Description: A validation issue was addressed with improved input sanitization. CVE-2020-9792: Andy Davis of NCC Group WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved restrictions. CVE-2020-9805: an anonymous researcher WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A logic issue was addressed with improved restrictions. CVE-2020-9802: Samuel Groß of Google Project Zero WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause arbitrary code execution Description: A logic issue was addressed with improved restrictions. CVE-2020-9850: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: An input validation issue was addressed with improved input validation. CVE-2020-9843: Ryan Pickren (ryanpickren.com) WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2020-9803: Wen Xu of SSLab at Georgia Tech WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2020-9806: Wen Xu of SSLab at Georgia Tech CVE-2020-9807: Wen Xu of SSLab at Georgia Tech WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2020-9800: Brendan Draper (@6r3nd4n) working with Trend Micro Zero Day Initiative WebRTC Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: An access issue was addressed with improved memory management. CVE-2019-20503: Natalie Silvanovich of Google Project Zero Wi-Fi Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: A double free issue was addressed with improved memory management. CVE-2020-9844: Ian Beer of Google Project Zero zsh Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A local attacker may be able to elevate their privileges Description: An authorization issue was addressed with improved state management. CVE-2019-20044: Sam Foxman Additional recognition Bluetooth We would like to acknowledge Maximilian von Tschitschnitz of Technical University Munich and Ludwig Peuckert of Technical University Munich for their assistance. CoreText We would like to acknowledge Jiska Classen (@naehrdine) and Dennis Heinze (@ttdennis) of Secure Mobile Networking Lab for their assistance. Device Analytics We would like to acknowledge Mohamed Ghannam (@_simo36) for their assistance. ImageIO We would like to acknowledge Lei Sun for their assistance. IOHIDFamily We would like to acknowledge Andy Davis of NCC Group for their assistance. Kernel We would like to acknowledge Brandon Azad of Google Project Zero for their assistance. Safari We would like to acknowledge Jeffball of GRIMM and Luke Walker of Manchester Metropolitan University for their assistance. WebKit We would like to acknowledge Aidan Dunlap of UT Austin for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 13.5 and iPadOS 13.5". -----BEGIN PGP SIGNATURE----- Version: BCPG v1.64 iQIcBAEDCAAGBQJezV7MAAoJEAc+Lhnt8tDNdWwP/2NnLRWvziY/ilvylDEczut+ xbSNg719ckFBtvkuXirQdsjfTmW3M/RJXUtjOmRDDEQB0IfmIRkrL49moDLeY0rB tjrsoVQESwYwbnb0xNzC3Oqr0tP3hitxFUpkKd7L0opo5vWhshBwqzWEtLTPxI1X T81DCpYiKDMB57bXgRV26QIFgQpHGXV/bMDCksVc12phempeEldP7t4dueDZy526 kWinK9jlwzViWwSmm5VK0t9IbemAZ56Ca829ZmrkT7XfLRyxw0rb+2f9VcQz/kNe RziJ3RwF2WZTe7yJpz6LV5h3RMo+MoHdVbPCYmcYNPiaHGTMl1POZXkjDHBHCSBY etboXOyZNOsnTMIVNwwXK/aGsKBz6kkfbWODS2omtz5oZjzGdZJLC/nFZC2GG13E Pnb0E5ULmA95poi07gWTy31APilQXfAzGJEOebsvH5s2EZ9HcANqrwtonfHSjeOU ZFH8xfnCTgO37ZgevrjdreD8SYRJR3QfEEf/DDNx2xXgr4wzydgvdyNCI1QpEz5s PS3JQECoBM9SsgXv02mCkNlK1crEqoxYURjcN3UIPGx8GVxtyiWJoEByxAgTtqv8 RPSqKGvPrznR1SxVNrXB2o08X3LUqK0LREABpuD/wbp8Qj8ma2fo3hLpvdoc9+De fSLSaEAmjBkF5c4r1O3P =zOSS -----END PGP SIGNATURE-----
VAR-202006-1629 CVE-2020-9834 macOS Catalina Memory Corruption Vulnerability in CVSS V2: 9.3
CVSS V3: 7.8
Severity: HIGH
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.5. An application may be able to execute arbitrary code with kernel privileges. Apple macOS Catalina is a set of dedicated operating systems developed by Apple for Mac computers. Wi-Fi is one of the wireless Internet access components
VAR-202006-1627 CVE-2020-9832 macOS Catalina Out-of-bounds read vulnerability in CVSS V2: 4.3
CVSS V3: 5.5
Severity: MEDIUM
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to determine kernel memory layout. Apple macOS Catalina is a set of dedicated operating systems developed by Apple for Mac computers. Wi-Fi is one of the wireless Internet access components. A security vulnerability exists in the Wi-Fi component of Apple macOS Catalina versions prior to 10.15.5
VAR-202006-1628 CVE-2020-9833 macOS Catalina Memory initialization vulnerability in CVSS V2: 4.9
CVSS V3: 5.5
Severity: MEDIUM
A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.5. A local user may be able to read kernel memory. Apple macOS Catalina is a set of dedicated operating systems developed by Apple for Mac computers. Wi-Fi is one of the wireless Internet access components. A security vulnerability exists in the Wi-Fi component of Apple macOS Catalina versions prior to 10.15.5
VAR-202006-1626 CVE-2020-9831 macOS Catalina Out-of-bounds read vulnerability in CVSS V2: 4.3
CVSS V3: 5.5
Severity: MEDIUM
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to determine kernel memory layout. Apple macOS Catalina is a set of dedicated operating systems developed by Apple for Mac computers. Bluetooth is one of the Bluetooth components. A buffer error vulnerability exists in the Bluetooth component of Apple macOS Catalina prior to 10.15.5
VAR-202006-1625 CVE-2020-9830 macOS Catalina Memory Corruption Vulnerability in CVSS V2: 9.3
CVSS V3: 7.8
Severity: HIGH
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. An application may be able to execute arbitrary code with kernel privileges. Apple macOS Catalina is a set of dedicated operating systems developed by Apple for Mac computers. Wi-Fi is one of the wireless Internet access components
VAR-202006-1622 CVE-2020-9826 plural Apple Service operation interruption in the product (DoS) Vulnerability CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
A denial of service issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause a denial of service. macOS Catalina , iOS , iPadOS Interferes with service operation due to inadequate processing related to input confirmation (DoS) Vulnerability exists.Service operation disrupted by a remote attacker (DoS) It may be put into a state. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple macOS Catalina is a dedicated operating system developed for Mac computers. AirDrop is one of the wireless file transfer components. A security vulnerability exists in the AirDrop component of Apple macOS Catalina versions prior to 10.15.5, iOS versions prior to 13.5, and iPadOS versions prior to 13.5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra are now available and address the following: Accounts Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2020-9826: Dor Hadad of Palo Alto Networks AppleMobileFileIntegrity Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15.4 Impact: An application may be able to use arbitrary entitlements Description: This issue was addressed with improved checks. CVE-2020-9842: Linus Henze (pinauten.de) AppleUSBNetworking Available for: macOS Catalina 10.15.4 Impact: Inserting a USB device that sends invalid messages may cause a kernel panic Description: A logic issue was addressed with improved restrictions. CVE-2020-9804: Andy Davis of NCC Group Audio Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9815: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative Audio Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9791: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative Bluetooth Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9831: Yu Wang of Didi Research America Calendar Available for: macOS Catalina 10.15.4 Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information Description: This issue was addressed with improved checks. CVE-2020-3882: Andy Grant of NCC Group CVMS Available for: macOS Catalina 10.15.4 Impact: An application may be able to gain elevated privileges Description: This issue was addressed with improved checks. CVE-2020-9856: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative DiskArbitration Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to break out of its sandbox Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9847: Zhuo Liang of Qihoo 360 Vulcan Team Find My Available for: macOS Catalina 10.15.4 Impact: A local attacker may be able to elevate their privileges Description: A validation issue existed in the handling of symlinks. CVE-2020-9855: Zhongcheng Li(CK01) of Topsec Alpha Team FontParser Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9816: Peter Nguyen Vu Hoang of STAR Labs working with Trend Micro Zero Day Initiative ImageIO Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-3878: Samuel Groß of Google Project Zero ImageIO Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9789: Wenchao Li of VARAS@IIE CVE-2020-9790: Xingwei Lin of Ant-financial Light-Year Security Lab Intel Graphics Driver Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9822: ABC Research s.r.o IPSec Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15.4 Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9837: Thijs Alkemade of Computest Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-9821: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine another application's memory layout Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2020-9797: an anonymous researcher Kernel Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed through improved input validation. CVE-2020-9852: Tao Huang and Tielei Wang of Pangu Lab Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9795: Zhuo Liang of Qihoo 360 Vulcan Team Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A memory corruption issue was addressed with improved state management. CVE-2020-9808: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to read kernel memory Description: An information disclosure issue was addressed with improved state management. CVE-2020-9811: Tielei Wang of Pangu Lab CVE-2020-9812: Derrek (@derrekr6) Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A logic issue existed resulting in memory corruption. CVE-2020-9813: Xinru Chi of Pangu Lab CVE-2020-9814: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An information disclosure issue was addressed with improved state management. CVE-2020-9809: Benjamin Randazzo (@____benjamin) ksh Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to execute arbitrary shell commands Description: An issue existed in the handling of environment variables. CVE-2019-14868 NSURL Available for: macOS Mojave 10.14.6 Impact: A malicious website may be able to exfiltrate autofilled data in Safari Description: An issue existed in the parsing of URLs. CVE-2020-9857: Dlive of Tencent Security Xuanwu Lab PackageKit Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to gain root privileges Description: A permissions issue existed. CVE-2020-9817: Andy Grant of NCC Group PackageKit Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to modify protected parts of the file system Description: An access issue was addressed with improved access restrictions. CVE-2020-9851: Linus Henze (pinauten.de) Python Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2020-9793 Sandbox Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to bypass Privacy preferences Description: An access issue was addressed with additional sandbox restrictions. CVE-2020-9825: Sreejith Krishnan R (@skr0x1C0) Security Available for: macOS Catalina 10.15.4 Impact: A file may be incorrectly rendered to execute JavaScript Description: A validation issue was addressed with improved input sanitization. CVE-2020-9788: Wojciech Reguła of SecuRing (https://wojciechregula.blog) SIP Available for: macOS Catalina 10.15.4 Impact: A non-privileged user may be able to modify restricted network settings Description: A logic issue was addressed with improved restrictions. CVE-2020-9824: Csaba Fitzl (@theevilbit) of Offensive Security SQLite Available for: macOS Catalina 10.15.4 Impact: A malicious application may cause a denial of service or potentially disclose memory contents Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9794 System Preferences Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with improved state handling. CVE-2020-9839: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative USB Audio Available for: macOS Catalina 10.15.4 Impact: A USB device may be able to cause a denial of service Description: A validation issue was addressed with improved input sanitization. CVE-2020-9792: Andy Davis of NCC Group Wi-Fi Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: A double free issue was addressed with improved memory management. CVE-2020-9844: Ian Beer of Google Project Zero Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-9830: Tielei Wang of Pangu Lab Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2020-9834: Yu Wang of Didi Research America Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to read kernel memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2020-9833: Yu Wang of Didi Research America Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9832: Yu Wang of Didi Research America WindowServer Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed through improved input validation. CVE-2020-9841: ABC Research s.r.o. working with Trend Micro Zero Day Initiative zsh Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local attacker may be able to elevate their privileges Description: An authorization issue was addressed with improved state management. CVE-2019-20044: Sam Foxman Additional recognition CoreBluetooth We would like to acknowledge Maximilian von Tschitschnitz of Technical University Munich and Ludwig Peuckert of Technical University Munich for their assistance. CoreText We would like to acknowledge Jiska Classen (@naehrdine) and Dennis Heinze (@ttdennis) of Secure Mobile Networking Lab for their assistance. Endpoint Security We would like to acknowledge an anonymous researcher for their assistance. ImageIO We would like to acknowledge Lei Sun for their assistance. IOHIDFamily We would like to acknowledge Andy Davis of NCC Group for their assistance. IPSec We would like to acknowledge Thijs Alkemade of Computest for their assistance. Login Window We would like to acknowledge Jon Morby and an anonymous researcher for their assistance. Sandbox We would like to acknowledge Jason L Lang of Optum for their assistance. Spotlight We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance. Installation note: macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ -----BEGIN PGP SIGNATURE----- Version: BCPG v1.64 iQIcBAEDCAAGBQJezZcfAAoJEAc+Lhnt8tDNIQYP/0YN+/T85WC7RJjAlRrUDduD ZO0e76d2C1jNgZWsYmXnrEPwfRYAEPLcKgb/SxAlwlRNFqex9CNu2sD1aA3GZBIO MaektARuncqh06rl8BjbakS4HQs675vUEjoJS9H2d0pq2dSEIjOtH1agJwtGIeNS wHBFlUnQzI42hurYeq7fxRdiByf+Z3mKEBt6wlVtaWjqcMfG9sroj9H58RLiqSNm VNfU4eZNPrG49kbTf4IC2JvvKg18hrUZqIcjbV/56+kPBl4+USIxh/5ECJHV/cDD BEe64M2I1LiY0lq6neoOeHvBiiIvUq9EUW2PBnfcbo3V1D35mm6td+WnO3Buqo6f EEkjfIwtq7fI10ZPYYjiUayrQyfqmM3x14JcxDsHzlerT6NNRTg3g2ls0seQK9Lt 8IDbkrseOR0JFukR1njC+cAk4RbDFue5cUJK6Js1nGvFwLN0kHFIhh9jFKgccgH7 bKSLDAdB+kSxBOshDDmYyNS+KRzXEWIsBU8ZbNAbRDANWqm4lcPffKWcG7zIdiMQ JLUclRURf35AoFmJ0F1BZSRzFuHr1Dvh23SjNK7H9i/mD05+rY6esh5ZKco+6Yqe pW/EOXEAs/J06xUytABH3SkFmQSzlIPuFrXa8qAskHhFp/E8yLehyefoY+AZJjal sLrLBIOxQCTskSFoExP8 =2eah -----END PGP SIGNATURE-----
VAR-202006-1621 CVE-2020-9825 plural Apple Access vulnerabilities in products CVSS V2: 6.8
CVSS V3: 7.8
Severity: HIGH
An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A malicious application may be able to bypass Privacy preferences. macOS Catalina , iOS , iPadOS Is vulnerable to access due to a flawed sandbox restriction.It is possible to circumvent privacy preferences through malicious applications. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple macOS Catalina is a dedicated operating system developed for Mac computers. Sandbox is one of the sandbox components. A security vulnerability exists in the Sandbox component in Apple iOS versions prior to 13.5, iPadOS versions prior to 13.5, and macOS Catalina versions prior to 10.15.5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra are now available and address the following: Accounts Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2020-9827: Jannik Lorenz of SEEMOO @ TU Darmstadt AirDrop Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2020-9826: Dor Hadad of Palo Alto Networks AppleMobileFileIntegrity Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15.4 Impact: An application may be able to use arbitrary entitlements Description: This issue was addressed with improved checks. CVE-2020-9842: Linus Henze (pinauten.de) AppleUSBNetworking Available for: macOS Catalina 10.15.4 Impact: Inserting a USB device that sends invalid messages may cause a kernel panic Description: A logic issue was addressed with improved restrictions. CVE-2020-9804: Andy Davis of NCC Group Audio Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9815: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative Audio Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9791: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative Bluetooth Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9831: Yu Wang of Didi Research America Calendar Available for: macOS Catalina 10.15.4 Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information Description: This issue was addressed with improved checks. CVE-2020-3882: Andy Grant of NCC Group CVMS Available for: macOS Catalina 10.15.4 Impact: An application may be able to gain elevated privileges Description: This issue was addressed with improved checks. CVE-2020-9856: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative DiskArbitration Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to break out of its sandbox Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9847: Zhuo Liang of Qihoo 360 Vulcan Team Find My Available for: macOS Catalina 10.15.4 Impact: A local attacker may be able to elevate their privileges Description: A validation issue existed in the handling of symlinks. CVE-2020-9855: Zhongcheng Li(CK01) of Topsec Alpha Team FontParser Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9816: Peter Nguyen Vu Hoang of STAR Labs working with Trend Micro Zero Day Initiative ImageIO Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-3878: Samuel Groß of Google Project Zero ImageIO Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9789: Wenchao Li of VARAS@IIE CVE-2020-9790: Xingwei Lin of Ant-financial Light-Year Security Lab Intel Graphics Driver Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9822: ABC Research s.r.o IPSec Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15.4 Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9837: Thijs Alkemade of Computest Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-9821: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine another application's memory layout Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2020-9797: an anonymous researcher Kernel Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed through improved input validation. CVE-2020-9852: Tao Huang and Tielei Wang of Pangu Lab Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9795: Zhuo Liang of Qihoo 360 Vulcan Team Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A memory corruption issue was addressed with improved state management. CVE-2020-9808: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to read kernel memory Description: An information disclosure issue was addressed with improved state management. CVE-2020-9811: Tielei Wang of Pangu Lab CVE-2020-9812: Derrek (@derrekr6) Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A logic issue existed resulting in memory corruption. This was addressed with improved state management. CVE-2020-9813: Xinru Chi of Pangu Lab CVE-2020-9814: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An information disclosure issue was addressed with improved state management. CVE-2020-9809: Benjamin Randazzo (@____benjamin) ksh Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to execute arbitrary shell commands Description: An issue existed in the handling of environment variables. CVE-2019-14868 NSURL Available for: macOS Mojave 10.14.6 Impact: A malicious website may be able to exfiltrate autofilled data in Safari Description: An issue existed in the parsing of URLs. CVE-2020-9857: Dlive of Tencent Security Xuanwu Lab PackageKit Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to gain root privileges Description: A permissions issue existed. CVE-2020-9817: Andy Grant of NCC Group PackageKit Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to modify protected parts of the file system Description: An access issue was addressed with improved access restrictions. CVE-2020-9851: Linus Henze (pinauten.de) Python Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2020-9825: Sreejith Krishnan R (@skr0x1C0) Security Available for: macOS Catalina 10.15.4 Impact: A file may be incorrectly rendered to execute JavaScript Description: A validation issue was addressed with improved input sanitization. CVE-2020-9788: Wojciech Reguła of SecuRing (https://wojciechregula.blog) SIP Available for: macOS Catalina 10.15.4 Impact: A non-privileged user may be able to modify restricted network settings Description: A logic issue was addressed with improved restrictions. CVE-2020-9824: Csaba Fitzl (@theevilbit) of Offensive Security SQLite Available for: macOS Catalina 10.15.4 Impact: A malicious application may cause a denial of service or potentially disclose memory contents Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9794 System Preferences Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with improved state handling. CVE-2020-9839: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative USB Audio Available for: macOS Catalina 10.15.4 Impact: A USB device may be able to cause a denial of service Description: A validation issue was addressed with improved input sanitization. CVE-2020-9792: Andy Davis of NCC Group Wi-Fi Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: A double free issue was addressed with improved memory management. CVE-2020-9844: Ian Beer of Google Project Zero Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-9830: Tielei Wang of Pangu Lab Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2020-9834: Yu Wang of Didi Research America Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to read kernel memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2020-9833: Yu Wang of Didi Research America Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9832: Yu Wang of Didi Research America WindowServer Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed through improved input validation. CVE-2020-9841: ABC Research s.r.o. working with Trend Micro Zero Day Initiative zsh Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local attacker may be able to elevate their privileges Description: An authorization issue was addressed with improved state management. CVE-2019-20044: Sam Foxman Additional recognition CoreBluetooth We would like to acknowledge Maximilian von Tschitschnitz of Technical University Munich and Ludwig Peuckert of Technical University Munich for their assistance. CoreText We would like to acknowledge Jiska Classen (@naehrdine) and Dennis Heinze (@ttdennis) of Secure Mobile Networking Lab for their assistance. Endpoint Security We would like to acknowledge an anonymous researcher for their assistance. ImageIO We would like to acknowledge Lei Sun for their assistance. IOHIDFamily We would like to acknowledge Andy Davis of NCC Group for their assistance. IPSec We would like to acknowledge Thijs Alkemade of Computest for their assistance. Login Window We would like to acknowledge Jon Morby and an anonymous researcher for their assistance. Sandbox We would like to acknowledge Jason L Lang of Optum for their assistance. Spotlight We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance. Installation note: macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ -----BEGIN PGP SIGNATURE----- Version: BCPG v1.64 iQIcBAEDCAAGBQJezZcfAAoJEAc+Lhnt8tDNIQYP/0YN+/T85WC7RJjAlRrUDduD ZO0e76d2C1jNgZWsYmXnrEPwfRYAEPLcKgb/SxAlwlRNFqex9CNu2sD1aA3GZBIO MaektARuncqh06rl8BjbakS4HQs675vUEjoJS9H2d0pq2dSEIjOtH1agJwtGIeNS wHBFlUnQzI42hurYeq7fxRdiByf+Z3mKEBt6wlVtaWjqcMfG9sroj9H58RLiqSNm VNfU4eZNPrG49kbTf4IC2JvvKg18hrUZqIcjbV/56+kPBl4+USIxh/5ECJHV/cDD BEe64M2I1LiY0lq6neoOeHvBiiIvUq9EUW2PBnfcbo3V1D35mm6td+WnO3Buqo6f EEkjfIwtq7fI10ZPYYjiUayrQyfqmM3x14JcxDsHzlerT6NNRTg3g2ls0seQK9Lt 8IDbkrseOR0JFukR1njC+cAk4RbDFue5cUJK6Js1nGvFwLN0kHFIhh9jFKgccgH7 bKSLDAdB+kSxBOshDDmYyNS+KRzXEWIsBU8ZbNAbRDANWqm4lcPffKWcG7zIdiMQ JLUclRURf35AoFmJ0F1BZSRzFuHr1Dvh23SjNK7H9i/mD05+rY6esh5ZKco+6Yqe pW/EOXEAs/J06xUytABH3SkFmQSzlIPuFrXa8qAskHhFp/E8yLehyefoY+AZJjal sLrLBIOxQCTskSFoExP8 =2eah -----END PGP SIGNATURE-----
VAR-202006-1620 CVE-2020-9824 macOS Catalina Logic vulnerabilities in CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.5. A non-privileged user may be able to modify restricted network settings. macOS Catalina Exists in a logic vulnerability due to a flaw in the processing of restrictions.Unprivileged users may change your restricted network settings. Apple macOS Catalina is a set of dedicated operating systems developed by Apple for Mac computers. SIP is one of the System Integrity Protection components. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra are now available and address the following: Accounts Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2020-9827: Jannik Lorenz of SEEMOO @ TU Darmstadt AirDrop Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2020-9826: Dor Hadad of Palo Alto Networks AppleMobileFileIntegrity Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15.4 Impact: An application may be able to use arbitrary entitlements Description: This issue was addressed with improved checks. CVE-2020-9842: Linus Henze (pinauten.de) AppleUSBNetworking Available for: macOS Catalina 10.15.4 Impact: Inserting a USB device that sends invalid messages may cause a kernel panic Description: A logic issue was addressed with improved restrictions. CVE-2020-9804: Andy Davis of NCC Group Audio Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9815: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative Audio Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9791: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative Bluetooth Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9831: Yu Wang of Didi Research America Calendar Available for: macOS Catalina 10.15.4 Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information Description: This issue was addressed with improved checks. CVE-2020-3882: Andy Grant of NCC Group CVMS Available for: macOS Catalina 10.15.4 Impact: An application may be able to gain elevated privileges Description: This issue was addressed with improved checks. CVE-2020-9856: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative DiskArbitration Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to break out of its sandbox Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9847: Zhuo Liang of Qihoo 360 Vulcan Team Find My Available for: macOS Catalina 10.15.4 Impact: A local attacker may be able to elevate their privileges Description: A validation issue existed in the handling of symlinks. CVE-2020-9855: Zhongcheng Li(CK01) of Topsec Alpha Team FontParser Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9816: Peter Nguyen Vu Hoang of STAR Labs working with Trend Micro Zero Day Initiative ImageIO Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-3878: Samuel Groß of Google Project Zero ImageIO Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9789: Wenchao Li of VARAS@IIE CVE-2020-9790: Xingwei Lin of Ant-financial Light-Year Security Lab Intel Graphics Driver Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9822: ABC Research s.r.o IPSec Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15.4 Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9837: Thijs Alkemade of Computest Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-9821: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine another application's memory layout Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2020-9797: an anonymous researcher Kernel Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed through improved input validation. CVE-2020-9852: Tao Huang and Tielei Wang of Pangu Lab Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9795: Zhuo Liang of Qihoo 360 Vulcan Team Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A memory corruption issue was addressed with improved state management. CVE-2020-9808: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to read kernel memory Description: An information disclosure issue was addressed with improved state management. CVE-2020-9811: Tielei Wang of Pangu Lab CVE-2020-9812: Derrek (@derrekr6) Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A logic issue existed resulting in memory corruption. CVE-2020-9813: Xinru Chi of Pangu Lab CVE-2020-9814: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An information disclosure issue was addressed with improved state management. CVE-2020-9809: Benjamin Randazzo (@____benjamin) ksh Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to execute arbitrary shell commands Description: An issue existed in the handling of environment variables. CVE-2019-14868 NSURL Available for: macOS Mojave 10.14.6 Impact: A malicious website may be able to exfiltrate autofilled data in Safari Description: An issue existed in the parsing of URLs. CVE-2020-9857: Dlive of Tencent Security Xuanwu Lab PackageKit Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to gain root privileges Description: A permissions issue existed. CVE-2020-9817: Andy Grant of NCC Group PackageKit Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to modify protected parts of the file system Description: An access issue was addressed with improved access restrictions. CVE-2020-9851: Linus Henze (pinauten.de) Python Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2020-9793 Sandbox Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to bypass Privacy preferences Description: An access issue was addressed with additional sandbox restrictions. CVE-2020-9825: Sreejith Krishnan R (@skr0x1C0) Security Available for: macOS Catalina 10.15.4 Impact: A file may be incorrectly rendered to execute JavaScript Description: A validation issue was addressed with improved input sanitization. CVE-2020-9824: Csaba Fitzl (@theevilbit) of Offensive Security SQLite Available for: macOS Catalina 10.15.4 Impact: A malicious application may cause a denial of service or potentially disclose memory contents Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9794 System Preferences Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with improved state handling. CVE-2020-9839: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative USB Audio Available for: macOS Catalina 10.15.4 Impact: A USB device may be able to cause a denial of service Description: A validation issue was addressed with improved input sanitization. CVE-2020-9792: Andy Davis of NCC Group Wi-Fi Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: A double free issue was addressed with improved memory management. CVE-2020-9844: Ian Beer of Google Project Zero Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-9830: Tielei Wang of Pangu Lab Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2020-9834: Yu Wang of Didi Research America Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to read kernel memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2020-9833: Yu Wang of Didi Research America Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9832: Yu Wang of Didi Research America WindowServer Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed through improved input validation. CVE-2020-9841: ABC Research s.r.o. working with Trend Micro Zero Day Initiative zsh Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local attacker may be able to elevate their privileges Description: An authorization issue was addressed with improved state management. CVE-2019-20044: Sam Foxman Additional recognition CoreBluetooth We would like to acknowledge Maximilian von Tschitschnitz of Technical University Munich and Ludwig Peuckert of Technical University Munich for their assistance. CoreText We would like to acknowledge Jiska Classen (@naehrdine) and Dennis Heinze (@ttdennis) of Secure Mobile Networking Lab for their assistance. Endpoint Security We would like to acknowledge an anonymous researcher for their assistance. ImageIO We would like to acknowledge Lei Sun for their assistance. IOHIDFamily We would like to acknowledge Andy Davis of NCC Group for their assistance. IPSec We would like to acknowledge Thijs Alkemade of Computest for their assistance. Login Window We would like to acknowledge Jon Morby and an anonymous researcher for their assistance. Sandbox We would like to acknowledge Jason L Lang of Optum for their assistance. Spotlight We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance. Installation note: macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ -----BEGIN PGP SIGNATURE----- Version: BCPG v1.64 iQIcBAEDCAAGBQJezZcfAAoJEAc+Lhnt8tDNIQYP/0YN+/T85WC7RJjAlRrUDduD ZO0e76d2C1jNgZWsYmXnrEPwfRYAEPLcKgb/SxAlwlRNFqex9CNu2sD1aA3GZBIO MaektARuncqh06rl8BjbakS4HQs675vUEjoJS9H2d0pq2dSEIjOtH1agJwtGIeNS wHBFlUnQzI42hurYeq7fxRdiByf+Z3mKEBt6wlVtaWjqcMfG9sroj9H58RLiqSNm VNfU4eZNPrG49kbTf4IC2JvvKg18hrUZqIcjbV/56+kPBl4+USIxh/5ECJHV/cDD BEe64M2I1LiY0lq6neoOeHvBiiIvUq9EUW2PBnfcbo3V1D35mm6td+WnO3Buqo6f EEkjfIwtq7fI10ZPYYjiUayrQyfqmM3x14JcxDsHzlerT6NNRTg3g2ls0seQK9Lt 8IDbkrseOR0JFukR1njC+cAk4RbDFue5cUJK6Js1nGvFwLN0kHFIhh9jFKgccgH7 bKSLDAdB+kSxBOshDDmYyNS+KRzXEWIsBU8ZbNAbRDANWqm4lcPffKWcG7zIdiMQ JLUclRURf35AoFmJ0F1BZSRzFuHr1Dvh23SjNK7H9i/mD05+rY6esh5ZKco+6Yqe pW/EOXEAs/J06xUytABH3SkFmQSzlIPuFrXa8qAskHhFp/E8yLehyefoY+AZJjal sLrLBIOxQCTskSFoExP8 =2eah -----END PGP SIGNATURE-----
VAR-202006-1618 CVE-2020-9822 macOS Catalina Out-of-bounds write vulnerability in CVSS V2: 9.3
CVSS V3: 7.8
Severity: HIGH
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to execute arbitrary code with kernel privileges. Apple macOS Catalina is a set of dedicated operating systems developed by Apple for Mac computers. Intel Graphics Driver is one of the integrated graphics drivers. A security vulnerability exists in the Intel Graphics Driver component of Apple macOS Catalina prior to 10.15.5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra are now available and address the following: Accounts Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2020-9827: Jannik Lorenz of SEEMOO @ TU Darmstadt AirDrop Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2020-9826: Dor Hadad of Palo Alto Networks AppleMobileFileIntegrity Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15.4 Impact: An application may be able to use arbitrary entitlements Description: This issue was addressed with improved checks. CVE-2020-9842: Linus Henze (pinauten.de) AppleUSBNetworking Available for: macOS Catalina 10.15.4 Impact: Inserting a USB device that sends invalid messages may cause a kernel panic Description: A logic issue was addressed with improved restrictions. CVE-2020-9804: Andy Davis of NCC Group Audio Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9815: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative Audio Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9791: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative Bluetooth Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9831: Yu Wang of Didi Research America Calendar Available for: macOS Catalina 10.15.4 Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information Description: This issue was addressed with improved checks. CVE-2020-3882: Andy Grant of NCC Group CVMS Available for: macOS Catalina 10.15.4 Impact: An application may be able to gain elevated privileges Description: This issue was addressed with improved checks. CVE-2020-9856: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative DiskArbitration Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to break out of its sandbox Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9847: Zhuo Liang of Qihoo 360 Vulcan Team Find My Available for: macOS Catalina 10.15.4 Impact: A local attacker may be able to elevate their privileges Description: A validation issue existed in the handling of symlinks. CVE-2020-9855: Zhongcheng Li(CK01) of Topsec Alpha Team FontParser Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9816: Peter Nguyen Vu Hoang of STAR Labs working with Trend Micro Zero Day Initiative ImageIO Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-3878: Samuel Groß of Google Project Zero ImageIO Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9822: ABC Research s.r.o IPSec Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15.4 Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9821: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine another application's memory layout Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2020-9852: Tao Huang and Tielei Wang of Pangu Lab Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9795: Zhuo Liang of Qihoo 360 Vulcan Team Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A memory corruption issue was addressed with improved state management. CVE-2020-9808: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to read kernel memory Description: An information disclosure issue was addressed with improved state management. This was addressed with improved state management. CVE-2020-9813: Xinru Chi of Pangu Lab CVE-2020-9814: Xinru Chi and Tielei Wang of Pangu Lab Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An information disclosure issue was addressed with improved state management. CVE-2020-9809: Benjamin Randazzo (@____benjamin) ksh Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to execute arbitrary shell commands Description: An issue existed in the handling of environment variables. CVE-2019-14868 NSURL Available for: macOS Mojave 10.14.6 Impact: A malicious website may be able to exfiltrate autofilled data in Safari Description: An issue existed in the parsing of URLs. CVE-2020-9857: Dlive of Tencent Security Xuanwu Lab PackageKit Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to gain root privileges Description: A permissions issue existed. CVE-2020-9817: Andy Grant of NCC Group PackageKit Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to modify protected parts of the file system Description: An access issue was addressed with improved access restrictions. CVE-2020-9851: Linus Henze (pinauten.de) Python Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2020-9793 Sandbox Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to bypass Privacy preferences Description: An access issue was addressed with additional sandbox restrictions. CVE-2020-9825: Sreejith Krishnan R (@skr0x1C0) Security Available for: macOS Catalina 10.15.4 Impact: A file may be incorrectly rendered to execute JavaScript Description: A validation issue was addressed with improved input sanitization. CVE-2020-9788: Wojciech Reguła of SecuRing (https://wojciechregula.blog) SIP Available for: macOS Catalina 10.15.4 Impact: A non-privileged user may be able to modify restricted network settings Description: A logic issue was addressed with improved restrictions. CVE-2020-9824: Csaba Fitzl (@theevilbit) of Offensive Security SQLite Available for: macOS Catalina 10.15.4 Impact: A malicious application may cause a denial of service or potentially disclose memory contents Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9794 System Preferences Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with improved state handling. CVE-2020-9839: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative USB Audio Available for: macOS Catalina 10.15.4 Impact: A USB device may be able to cause a denial of service Description: A validation issue was addressed with improved input sanitization. CVE-2020-9792: Andy Davis of NCC Group Wi-Fi Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: A double free issue was addressed with improved memory management. CVE-2020-9844: Ian Beer of Google Project Zero Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-9830: Tielei Wang of Pangu Lab Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2020-9834: Yu Wang of Didi Research America Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to read kernel memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2020-9833: Yu Wang of Didi Research America Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9832: Yu Wang of Didi Research America WindowServer Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed through improved input validation. CVE-2020-9841: ABC Research s.r.o. working with Trend Micro Zero Day Initiative zsh Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local attacker may be able to elevate their privileges Description: An authorization issue was addressed with improved state management. CVE-2019-20044: Sam Foxman Additional recognition CoreBluetooth We would like to acknowledge Maximilian von Tschitschnitz of Technical University Munich and Ludwig Peuckert of Technical University Munich for their assistance. CoreText We would like to acknowledge Jiska Classen (@naehrdine) and Dennis Heinze (@ttdennis) of Secure Mobile Networking Lab for their assistance. Endpoint Security We would like to acknowledge an anonymous researcher for their assistance. ImageIO We would like to acknowledge Lei Sun for their assistance. IOHIDFamily We would like to acknowledge Andy Davis of NCC Group for their assistance. IPSec We would like to acknowledge Thijs Alkemade of Computest for their assistance. Login Window We would like to acknowledge Jon Morby and an anonymous researcher for their assistance. Sandbox We would like to acknowledge Jason L Lang of Optum for their assistance. Spotlight We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance. Installation note: macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ -----BEGIN PGP SIGNATURE----- Version: BCPG v1.64 iQIcBAEDCAAGBQJezZcfAAoJEAc+Lhnt8tDNIQYP/0YN+/T85WC7RJjAlRrUDduD ZO0e76d2C1jNgZWsYmXnrEPwfRYAEPLcKgb/SxAlwlRNFqex9CNu2sD1aA3GZBIO MaektARuncqh06rl8BjbakS4HQs675vUEjoJS9H2d0pq2dSEIjOtH1agJwtGIeNS wHBFlUnQzI42hurYeq7fxRdiByf+Z3mKEBt6wlVtaWjqcMfG9sroj9H58RLiqSNm VNfU4eZNPrG49kbTf4IC2JvvKg18hrUZqIcjbV/56+kPBl4+USIxh/5ECJHV/cDD BEe64M2I1LiY0lq6neoOeHvBiiIvUq9EUW2PBnfcbo3V1D35mm6td+WnO3Buqo6f EEkjfIwtq7fI10ZPYYjiUayrQyfqmM3x14JcxDsHzlerT6NNRTg3g2ls0seQK9Lt 8IDbkrseOR0JFukR1njC+cAk4RbDFue5cUJK6Js1nGvFwLN0kHFIhh9jFKgccgH7 bKSLDAdB+kSxBOshDDmYyNS+KRzXEWIsBU8ZbNAbRDANWqm4lcPffKWcG7zIdiMQ JLUclRURf35AoFmJ0F1BZSRzFuHr1Dvh23SjNK7H9i/mD05+rY6esh5ZKco+6Yqe pW/EOXEAs/J06xUytABH3SkFmQSzlIPuFrXa8qAskHhFp/E8yLehyefoY+AZJjal sLrLBIOxQCTskSFoExP8 =2eah -----END PGP SIGNATURE-----