Cyber Resilience

CVE-2020-9907

High · CISA KEV · Active Exploitation · EUVD Exploited

Published: 16 October 2020

Modified: 23 October 2025
KEV Added: 27 June 2022
Patch
CVSS Score v3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0051 (67.0th percentile)
Risk Priority: 36 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2020-9907 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Apple iPadOS. Its CVSS base score is 7.8 (High).

Operationally, it ranks in the top 33.0% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-39 (Process Isolation) and SI-16 (Memory Protection).

Deeper analysis

A memory corruption vulnerability, tracked as CVE-2020-9907 and assigned CWE-787, affected iOS prior to 13.6, iPadOS prior to 13.6, and tvOS prior to 13.4.8. The flaw was resolved by removing the vulnerable code path, preventing an application from triggering out-of-bounds writes that could corrupt kernel memory.

An attacker who can persuade a user to run a malicious application on an affected device may exploit the issue to achieve arbitrary code execution with kernel privileges. The CVSS vector (base score 7.8) indicates a local attack vector, low attack complexity, no required privileges, and required user interaction, resulting in full confidentiality, integrity, and availability impact within the kernel.

Apple security advisories HT211288 and HT211290 detail the affected platforms and confirm the fixes shipped in the cited releases. The entry also appears in CISA's Known Exploited Vulnerabilities catalog, indicating confirmed in-the-wild exploitation.

EU & UK References

Vulnerability details

A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be able to execute arbitrary code with kernel privileges.

CWE(s)
KEV Date Added: 27 June 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

apple · ipados · ≤ 13.6
apple · iphone os · ≤ 13.6
apple · tvos · ≤ 13.4.8

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly enforces memory protection mechanisms that block the out-of-bounds writes and kernel memory corruption exploited by CVE-2020-9907.

prevent

Enforces process isolation between user-space applications and kernel address space, preventing the local arbitrary-code-execution path described in the CVE.

prevent

Requires timely application of patches that remove the vulnerable code path, directly addressing the flaw fixed in iOS 13.6 / tvOS 13.4.8.

References