CVE-2020-9818 - Vulnerability Details - OpenCVE

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is in the KEV database since Nov. 3, 2021.

The EPSS score is 0.00561.

Exploitation active

Automatable no

Technical Impact total

Vendors	Products
Apple	Ipados Iphone Os Watchos

Configuration 1 [-]

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:watchos::::::::

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2020-30597	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://support.apple.com/HT211168
https://support.apple.com/HT211169
https://support.apple.com/HT211175

History

Wed, 29 Jan 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2021-11-03'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: apple

Published: 2020-06-09T16:12:39.000Z

Updated: 2025-08-20T03:56:14.443Z

Reserved: 2020-03-02T00:00:00.000Z

Link: CVE-2020-9818

Vulnrichment

Updated: 2024-08-04T10:43:05.159Z

NVD

Status : Analyzed

Published: 2020-06-09T17:15:13.317

Modified: 2025-02-28T14:44:48.713

Link: CVE-2020-9818

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "iOS", "vendor": "Apple", "versions": [{"lessThan": "iOS 13.5 and iPadOS 13.5", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "iOS-1", "vendor": "Apple", "versions": [{"lessThan": "iOS 12.4.7", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "watchOS", "vendor": "Apple", "versions": [{"lessThan": "watchOS 6.2.5", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination."}], "problemTypes": [{"descriptions": [{"description": "Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-10-16T16:17:42.000Z", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/HT211168"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/HT211175"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/HT211169"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@apple.com", "ID": "CVE-2020-9818", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "iOS", "version": {"version_data": [{"version_affected": "<", "version_value": "iOS 13.5 and iPadOS 13.5"}]}}, {"product_name": "iOS-1", "version": {"version_data": [{"version_affected": "<", "version_value": "iOS 12.4.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "watchOS 6.2.5"}]}}]}, "vendor_name": "Apple"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination"}]}]}, "references": {"reference_data": [{"name": "https://support.apple.com/HT211168", "refsource": "MISC", "url": "https://support.apple.com/HT211168"}, {"name": "https://support.apple.com/HT211175", "refsource": "MISC", "url": "https://support.apple.com/HT211175"}, {"name": "https://support.apple.com/HT211169", "refsource": "MISC", "url": "https://support.apple.com/HT211169"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T10:43:05.159Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/HT211168"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/HT211175"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/HT211169"}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-08-19T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2020-9818"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2021-11-03", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-9818"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "timeline": [{"time": "2021-11-03T00:00:00+00:00", "lang": "en", "value": "CVE-2020-9818 added to CISA KEV"}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-20T03:56:14.443Z"}}]}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2020-9818", "datePublished": "2020-06-09T16:12:39.000Z", "dateReserved": "2020-03-02T00:00:00.000Z", "dateUpdated": "2025-08-20T03:56:14.443Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.apple.com/HT211168", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://support.apple.com/HT211175", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://support.apple.com/HT211169", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T10:43:05.159Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2020-9818", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-29T17:39:03.678076Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2021-11-03", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-9818"}}}], "timeline": [{"lang": "en", "time": "2021-11-03T00:00:00+00:00", "value": "CVE-2020-9818 added to CISA KEV"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-29T17:27:41.888Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "iOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "iOS 13.5 and iPadOS 13.5", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS-1", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "iOS 12.4.7", "versionType": "custom"}]}, {"vendor": "Apple", "product": "watchOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "watchOS 6.2.5", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/HT211168", "tags": ["x_refsource_MISC"]}, {"url": "https://support.apple.com/HT211175", "tags": ["x_refsource_MISC"]}, {"url": "https://support.apple.com/HT211169", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2020-10-16T16:17:42.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "iOS 13.5 and iPadOS 13.5", "version_affected": "<"}]}, "product_name": "iOS"}, {"version": {"version_data": [{"version_value": "iOS 12.4.7", "version_affected": "<"}]}, "product_name": "iOS-1"}, {"version": {"version_data": [{"version_value": "watchOS 6.2.5", "version_affected": "<"}]}, "product_name": "watchOS"}]}, "vendor_name": "Apple"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://support.apple.com/HT211168", "name": "https://support.apple.com/HT211168", "refsource": "MISC"}, {"url": "https://support.apple.com/HT211175", "name": "https://support.apple.com/HT211175", "refsource": "MISC"}, {"url": "https://support.apple.com/HT211169", "name": "https://support.apple.com/HT211169", "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2020-9818", "STATE": "PUBLIC", "ASSIGNER": "product-security@apple.com"}}}}, "cveMetadata": {"cveId": "CVE-2020-9818", "state": "PUBLISHED", "dateUpdated": "2025-08-20T03:56:14.443Z", "dateReserved": "2020-03-02T00:00:00.000Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2020-06-09T16:12:39.000Z", "assignerShortName": "apple"}, "dataVersion": "5.1"}

{"cisaActionDue": "2022-05-03", "cisaExploitAdd": "2021-11-03", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Apple iOS, iPadOS, and watchOS Out-of-Bounds Write Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "9145C3CB-429B-4FB8-A0AC-B543E9FFF938", "versionEndExcluding": "13.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "0ACD1157-AD87-4487-897F-009FC3204A2A", "versionEndExcluding": "12.4.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "05AF2126-2012-4A6A-BF40-2870D87C85D8", "versionEndExcluding": "13.5", "versionStartIncluding": "13.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "matchCriteriaId": "85301873-69B8-4A21-9EFD-F69A5E1ABF40", "versionEndExcluding": "6.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination."}, {"lang": "es", "value": "Se abord\u00f3 un problema de escritura fuera de l\u00edmites con una comprobaci\u00f3n de l\u00edmites mejorada. Este problema es corregido en iOS versi\u00f3n 13.5 y iPadOS versi\u00f3n 13.5, iOS 12.4.7, watchOS versi\u00f3n 6.2.5. El procesamiento de un mensaje de correo dise\u00f1ado con fines maliciosos puede conllevar a modificaciones inesperadas de la memoria o la finalizaci\u00f3n de la aplicaci\u00f3n"}], "id": "CVE-2020-9818", "lastModified": "2025-02-28T14:44:48.713", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2020-06-09T17:15:13.317", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/HT211168"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/HT211169"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/HT211175"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/HT211168"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/HT211169"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/HT211175"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}