4.3
CVSSv2

CVE-2020-9968

Published: 16/10/2020 Updated: 15/11/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.0 and iPadOS 14.0, macOS Catalina 10.15.7, tvOS 14.0, watchOS 7.0. A malicious application may be able to access restricted files.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple ipad os

apple iphone os

apple mac os x

apple tvos

apple watchos

Mailing Lists

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-09-16-4 watchOS 70 watchOS 70 is now available and addresses the following: Keyboard Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to leak sensitive user information Description: A logic issue was addressed with improved state management ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-09-24-1 macOS Catalina 10156 Supplemental Update, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave macOS Catalina 10156 Supplemental Update, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave are now available and address the following: Imag ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-09-16-2 tvOS 140 tvOS 140 is now available and addresses the following: Assets Available for: Apple TV 4K and Apple TV HD Impact: An attacker may be able to misuse a trust relationship to download malicious content Description: A trust issue was addressed by removing a legacy API C ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-09-16-1 iOS 140 and iPadOS 140 iOS 140 and iPadOS 140 are now available and address the following: AppleAVD Available for: iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later Impact: An application may be able to cause unexpected system ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-11-13-7 Additional information for APPLE-SA-2020-09-24-1 macOS Catalina 10157, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave macOS Catalina 10157, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave addresses the following issues Informati ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-11-13-6 Additional information for APPLE-SA-2020-09-16-4 watchOS 70 watchOS 70 addresses the following issues Information about the security content is also available at supportapplecom/HT211844 Audio Available for: Apple Watch Series 3 and later Impact: A malicious appl ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-11-13-4 Additional information for APPLE-SA-2020-09-16-2 tvOS 140 tvOS 140 addresses the following issues Information about the security content is also available at supportapplecom/HT211843 Assets Available for: Apple TV 4K and Apple TV HD Impact: An attacker may be abl ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 140 and iPadOS 140 iOS 140 and iPadOS 140 addresses the following issues Information about the security content is also available at supportapplecom/HT211850 AppleAVD Available for: iPhone 6s and later, iPod ...

Github Repositories

macos/ios exploit writeup

Here is some resources about macOS/iOS system security exploit writeup blogpanguio/ bugschromiumorg/p/project-zero/issues/list talosintelligencecom/vulnerability_reports#disclosed CVE modules POC/writeup link CVE-2015-???? Kernel githubcom/kpwn/tpwnnirvan360cn/blog/?p=469wwwblackhatcom/docs/eu-15/materials/eu-15-T