CVE-2020-3873 - Incorrect Authorization vulnerability in Apple Ipados and Iphone OS

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE

Summary

This issue was addressed with improved setting propagation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Turning off "Load remote content in messages” may not apply to all mail previews.

Vulnerable Configurations

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization