CVE-2020-9992

This issue was addressed by encrypting communications over the network to devices running iOS 14, iPadOS 14, tvOS 14, and watchOS 7. This issue is fixed in iOS 14.0 and iPadOS 14.0, Xcode 12.0. An attacker in a privileged network position may be able to execute arbitrary code on a paired device during a debug session over the network.
References
Link Resource
http://seclists.org/fulldisclosure/2020/Nov/20 Mailing List Third Party Advisory
https://support.apple.com/HT211848 Release Notes Vendor Advisory
https://support.apple.com/HT211850 Release Notes Vendor Advisory
http://seclists.org/fulldisclosure/2020/Nov/20 Mailing List Third Party Advisory
https://support.apple.com/HT211848 Release Notes Vendor Advisory
https://support.apple.com/HT211850 Release Notes Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:41

Type Values Removed Values Added
References () http://seclists.org/fulldisclosure/2020/Nov/20 - Mailing List, Third Party Advisory () http://seclists.org/fulldisclosure/2020/Nov/20 - Mailing List, Third Party Advisory
References () https://support.apple.com/HT211848 - Release Notes, Vendor Advisory () https://support.apple.com/HT211848 - Release Notes, Vendor Advisory
References () https://support.apple.com/HT211850 - Release Notes, Vendor Advisory () https://support.apple.com/HT211850 - Release Notes, Vendor Advisory

Information

Published : 2020-10-16 17:15

Updated : 2024-11-21 05:41


NVD link : CVE-2020-9992

Mitre link : CVE-2020-9992

CVE.ORG link : CVE-2020-9992


JSON object : View

Products Affected

apple

  • ipados
  • iphone_os
  • xcode