CVE-2020-9992

This issue was addressed by encrypting communications over the network to devices running iOS 14, iPadOS 14, tvOS 14, and watchOS 7. This issue is fixed in iOS 14.0 and iPadOS 14.0, Xcode 12.0. An attacker in a privileged network position may be able to execute arbitrary code on a paired device during a debug session over the network.
References
Link Resource
http://seclists.org/fulldisclosure/2020/Nov/20 Mailing List Third Party Advisory
https://support.apple.com/HT211848 Release Notes Vendor Advisory
https://support.apple.com/HT211850 Release Notes Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

History

09 Jan 2023, 16:41

Type Values Removed Values Added
CPE cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
First Time Apple ipados

24 May 2022, 14:26

Type Values Removed Values Added
References (FULLDISC) http://seclists.org/fulldisclosure/2020/Nov/20 - (FULLDISC) http://seclists.org/fulldisclosure/2020/Nov/20 - Mailing List, Third Party Advisory

Information

Published : 2020-10-16 17:15

Updated : 2023-12-10 13:41


NVD link : CVE-2020-9992

Mitre link : CVE-2020-9992

CVE.ORG link : CVE-2020-9992


JSON object : View

Products Affected

apple

  • iphone_os
  • ipados
  • xcode