Vulnerability Database

324,311

Total vulnerabilities in the database

CVE-2020-9909

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.

Published: Oct 16, 2020
Updated: Nov 16, 2025
CVE: CVE-2020-9909
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.9
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-125

Affected Software
References

Software	From	Fixed in
apple / tvos	-	13.4.8
apple / iphone_os	-	13.6
apple / watchos	-	6.2.8
apple / ipados	-	13.6

https://support.apple.com/HT211288
https://support.apple.com/HT211290
https://support.apple.com/HT211291

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo