← Retour aux CVEs
CVE-2020-9934
MEDIUMCISA KEV5.5
Description
An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information.
Details CVE
Score CVSS v3.15.5
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie10/16/2020
Derniere modification10/23/2025
Sourcekev
Observations honeypot0
CISA KEV
FournisseurApple
ProduitiOS, iPadOS, and macOS
Nom vulnerabiliteApple iOS, iPadOS, and macOS Input Validation Vulnerability
Date ajout KEV2022-09-08
Date limite remediation2022-09-29
Utilise dans ransomwareUnknown
Produits affectes
apple:ipadosapple:iphone_osapple:mac_os_x
References
https://support.apple.com/HT211288(product-security@apple.com)
https://support.apple.com/HT211289(product-security@apple.com)
https://support.apple.com/HT211288(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/HT211289(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-9934(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.