CVE-2020-3843high
Description
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4.7, watchOS 5.3.7. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.
References
https://support.apple.com/HT211176
https://support.apple.com/HT211169
http://packetstormsecurity.com/files/162119/iOS-macOS-Radio-Proximity-Kernel-Memory-Corruption.html
Details
Source: MITRE
Published: 2020-02-27
Updated: 2021-07-21
Type: CWE-119
Risk Information
CVSS v2
Base Score: 9.3
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 8.6
Severity: HIGH
CVSS v3
Base Score: 8.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 2.8
Severity: HIGH