Apple iOS/iPadOS up to 13.4.1 AirDrop input validation

EntryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as problematic, was found in Apple iOS and iPadOS up to 13.4.1 (Smartphone Operating System). This affects an unknown part of the component AirDrop. Upgrading to version 13.5 eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1052956610/20/2020VulD...cve_assigned1583103600cve.mitre.org10/20/2020accepted70
1011540305/30/2020VulD...cve_nvd_summaryA denial of service issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause a denial of service.mitre.org05/30/2020accepted100
1011538705/30/2020VulD...cvss3_nvd_aHnist.gov05/30/2020accepted100
1011538605/30/2020VulD...cvss3_nvd_iNnist.gov05/30/2020accepted100
1011538505/30/2020VulD...cvss3_nvd_cNnist.gov05/30/2020accepted100
1011538405/30/2020VulD...cvss3_nvd_sUnist.gov05/30/2020accepted100
1011538305/30/2020VulD...cvss3_nvd_uiNnist.gov05/30/2020accepted100
1011538205/30/2020VulD...cvss3_nvd_prNnist.gov05/30/2020accepted100
1011538105/30/2020VulD...cvss3_nvd_acLnist.gov05/30/2020accepted100
1011538005/30/2020VulD...cvss3_nvd_avNnist.gov05/30/2020accepted100
1011536705/30/2020VulD...cvss2_nvd_aiPnist.gov05/30/2020accepted100
1011536605/30/2020VulD...cvss2_nvd_iiNnist.gov05/30/2020accepted100
1011536505/30/2020VulD...cvss2_nvd_ciNnist.gov05/30/2020accepted100
1011536405/30/2020VulD...cvss2_nvd_auNnist.gov05/30/2020accepted100
1011536305/30/2020VulD...cvss2_nvd_acLnist.gov05/30/2020accepted100
1011536205/30/2020VulD...cvss2_nvd_avNnist.gov05/30/2020accepted100
1011535205/30/2020VulD...cwe20 (privilege escalation)05/30/2020accepted100
1011534705/30/2020VulD...typeSmartphone Operating System05/30/2020accepted100
1011541105/30/2020VulD...cvss3_nvd_basescore7.5nist.gov05/30/2020accepted90
1011541005/30/2020VulD...cvss3_vuldb_rcC05/30/2020accepted90

Interested in the pricing of exploits?

See the underground prices here!