4.3
CVSSv2

CVE-2020-9773

Published: 01/04/2020 Updated: 15/11/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 3.3 | Impact Score: 1.4 | Exploitability Score: 1.8
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

The issue was addressed with improved handling of icon caches. This issue is fixed in iOS 14.0 and iPadOS 14.0. A malicious application may be able to identify what other applications a user has installed.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple ipados

apple iphone os

apple mac os x

apple tvos

apple watchos

Vendor Advisories

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page Apple security documents reference vulnerabilities by CVE-ID when possible ...
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page Apple security documents reference vulnerabilities by CVE-ID when possible ...
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page Apple security documents reference vulnerabilities by CVE-ID when possible ...
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page Apple security documents reference vulnerabilities by CVE-ID when possible ...

Mailing Lists

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-09-16-1 iOS 140 and iPadOS 140 iOS 140 and iPadOS 140 are now available and address the following: AppleAVD Available for: iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later Impact: An application may be able to cause unexpected system ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-03-24-4 watchOS 62 watchOS 62 is now available and addresses the following: ActionKit Available for: Apple Watch Series 1 and later Impact: An application may be able to use an SSH client provided by private frameworks Description: This issue was addressed with a new entitlement CV ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-03-24-2 macOS Catalina 10154, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra macOS Catalina 10154, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra are now available and address the following: Apple HSSPI Support Available for: macOS Cat ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-03-24-3 tvOS 134 tvOS 134 is now available and addresses the following: ActionKit Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to use an SSH client provided by private frameworks Description: This issue was addressed with a new entitlement CVE-2020- ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-03-24-1 iOS 134 and iPadOS 134 iOS 134 and iPadOS 134 are now available and address the following: ActionKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to use an SSH client provi ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 140 and iPadOS 140 iOS 140 and iPadOS 140 addresses the following issues Information about the security content is also available at supportapplecom/HT211850 AppleAVD Available for: iPhone 6s and later, iPod ...

Github Repositories

IconServicesDemon This is an issue I found in iOS on May of 2020 For more information, see the email I sent to Apple (product-security@applecom) on 21st of May below Mail to Apple Follow-up: <ID> In my last email, I said that if the application could capture the icon mask creation error, it could learn whether an application is installed or not I couldn't