Published: 08/12/2020 Updated: 21/07/2021

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 4.6 | Impact Score: 3.6 | Exploitability Score: 0.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

An authentication issue was addressed with improved state management. This issue is fixed in iOS 14.2 and iPadOS 14.2. A person with physical access to an iOS device may be able to access stored passwords without authentication.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple ipados
apple iphone os

Apple emits iOS, iPadOS, watchOS, macOS patches to fix three hijack-my-device flaws exploited in the wild

The Register • Thomas Claburn in San Francisco • 05 Nov 2020

Trio of bugs reported by Google Project Zero, plenty of other flaws addressed Here's a neat exploit to trick someone into inadvertently emailing their files to you from their Mac, iPhone via Safari

Apple on Thursday issued security updates for iOS, iPadOS, watchOS, and macOS that address three holes reported by Google's Project Zero bug hunters among exploitable flaws found by others. Installing the latest software for your iPhone, iPad and so on will address these programming blunders. The iPhone giant's security bulletins note that the three flaws discovered and reported by Project Zero – CVE-2020-27930 (remote-code execution), CVE-2020-27950 (kernel memory leak), and CVE-2020-27932 (k...

CVE-2020-27902

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect