CVE-2020-9934 — Vulnetix

Try Vulnetix Request Demo

CVE-2020-9934 PUBLISHED KEV CVSS 2.0999999046325684 LOW

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information.

EPSS 2.44% · 85.0th percentile

Risk Scores

CVSS v2.0

2.0999999046325684

EPSS Score

2.44%

85.0th percentile

Affected Products

Vendor	Product	Versions
apple	mac_os_x	0, 0
apple	ipados	0, 0
Apple	macOS	unspecified
apple	iphone_os	0, 0
Apple	iOS	unspecified

Timeline

Jan 19, 1970 VulnCheck XDB Entry
Jul 20, 2020 CVE Published
Sep 11, 2020 PoC Published
Apr 6, 2021 CVE Updated
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Sep 14, 2021 EPSS Score
Sep 16, 2021 EPSS Score
Dec 25, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Apr 28, 2022 EPSS Score
Jun 29, 2022 EPSS Score

References

https://support.apple.com/HT211289 url
https://support.apple.com/HT211288 url
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-9934 url
https://nvd.nist.gov/vuln/detail/CVE-2020-9934 advisory
https://support.apple.com/en-us/HT211289 advisory
https://support.apple.com/en-us/HT211288 advisory
https://support.apple.com/en-us/HT211292 advisory
https://support.apple.com/en-us/HT211291 advisory
https://support.apple.com/en-us/HT211290 advisory

Open in Interactive Console →