CVE-2020-3837
Published: 27 February 2020
Summary
CVE-2020-3837 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Apple iPadOS. Its CVSS base score is 7.8 (High).
Operationally, it ranks in the top 8.7% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities (KEV) catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-39 (Process Isolation) and SI-16 (Memory Protection).
Deeper analysis
A memory corruption vulnerability tracked as CVE-2020-3837 and assigned CWE-787 affects Apple platforms running iOS, iPadOS, macOS Catalina, tvOS, and watchOS. The root cause is insufficient validation during memory operations that can be triggered by an application, and the flaw received a CVSS 3.1 base score of 7.8.
An unauthenticated local attacker who can persuade a user to run a malicious application may leverage the issue to corrupt kernel memory and execute arbitrary code with kernel privileges, resulting in full control over the affected device.
Apple has released fixes that improve memory handling in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, and watchOS 6.1.2; the corresponding security advisories direct administrators and users to install these updates to eliminate the exposure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-25102
Vulnerability details
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.
- CWE(s): CWE-787
- KEV Date Added: 27 June 2022
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls (NIST 800-53 r5)
- SI-16 (Memory Protection): Directly enforces memory protection mechanisms that would have blocked the kernel memory corruption exploited by CVE-2020-3837.
- SC-39 (Process Isolation): Requires separate execution domains for processes, preventing an application from corrupting kernel memory and obtaining kernel privileges.
- Mandates timely installation of the vendor patches that corrected the insufficient memory-handling flaw in affected Apple platforms.