CVE-2020-3838
Summary
| CVE | CVE-2020-3838 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2020-02-27 21:15:00 UTC |
|---|
| Updated | 2021-04-30 01:53:00 UTC |
|---|
| Description | The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges. |
|---|
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|
| Operating System |
Apple |
Ipados |
All |
All |
All |
All |
| Operating System |
Apple |
Ipados |
All |
All |
All |
All |
| Operating System |
Apple |
Iphone Os |
All |
All |
All |
All |
| Operating System |
Apple |
Iphone Os |
All |
All |
All |
All |
| Operating System |
Apple |
Mac Os X |
All |
All |
All |
All |
| Operating System |
Apple |
Mac Os X |
10.14.6 |
- |
All |
All |
| Operating System |
Apple |
Mac Os X |
10.14.6 |
security_update_2019-001 |
All |
All |
| Operating System |
Apple |
Mac Os X |
10.14.6 |
security_update_2019-002 |
All |
All |
| Operating System |
Apple |
Mac Os X |
10.14.6 |
security_update_2020-001 |
All |
All |
| Operating System |
Apple |
Mac Os X |
10.14.6 |
security_update_2020-002 |
All |
All |
| Operating System |
Apple |
Mac Os X |
10.14.6 |
security_update_2020-003 |
All |
All |
| Operating System |
Apple |
Mac Os X |
10.14.6 |
security_update_2020-004 |
All |
All |
| Operating System |
Apple |
Mac Os X |
10.14.6 |
security_update_2020-005 |
All |
All |
| Operating System |
Apple |
Mac Os X |
10.14.6 |
security_update_2020-006 |
All |
All |
| Operating System |
Apple |
Mac Os X |
10.14.6 |
security_update_2020-007 |
All |
All |
| Operating System |
Apple |
Mac Os X |
10.14.6 |
security_update_2021-001 |
All |
All |
| Operating System |
Apple |
Mac Os X |
10.14.6 |
security_update_2021-002 |
All |
All |
| Operating System |
Apple |
Mac Os X |
10.14.6 |
supplemental_update |
All |
All |
| Operating System |
Apple |
Mac Os X |
10.14.6 |
supplemental_update_2 |
All |
All |
| Operating System |
Apple |
Mac Os X |
All |
All |
All |
All |
| Operating System |
Apple |
Tvos |
All |
All |
All |
All |
| Operating System |
Apple |
Tvos |
All |
All |
All |
All |
| Operating System |
Apple |
Watchos |
All |
All |
All |
All |
| Operating System |
Apple |
Watchos |
All |
All |
All |
All |
References
| Reference | Source | Link | Tags |
|---|
| About the security content of tvOS 13.3.1 - Apple Support |
MISC |
support.apple.com |
Release Notes, Vendor Advisory |
| About the security content of iOS 13.3.1 and iPadOS 13.3.1 - Apple Support |
MISC |
support.apple.com |
Release Notes, Vendor Advisory |
| Full Disclosure: APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina |
FULLDISC |
seclists.org |
|
| About the security content of Security Update 2021-002 Catalina - Apple Support |
CONFIRM |
support.apple.com |
|
| About the security content of Security Update 2021-003 Mojave - Apple Support |
CONFIRM |
support.apple.com |
|
| About the security content of watchOS 6.1.2 - Apple Support |
MISC |
support.apple.com |
Release Notes, Vendor Advisory |
| About the security content of macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra - Apple Support |
MISC |
support.apple.com |
Release Notes, Vendor Advisory |
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 375507 Apple macOS Security Update 2021-002 Catalina (HT212326)
- 375510 Apple macOS Security Update 2021-003 Mojave (HT212327)
