VDB
CVE-2020-9934
CVE-2020-9934
PUBLISHED
KEV
CVSS 2.0999999046325684 LOW
An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information.
EPSS 2.10% · 84.4th percentile
Risk Scores
CVSS 2.0
2.0999999046325684
EPSS Score
2.10%
84.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| apple | mac_os_x | 0, 0 |
| apple | ipados | 0, 0 |
| Apple | macOS | unspecified |
| apple | iphone_os | 0, 0 |
| Apple | iOS | unspecified |
Exploit Intelligence
- CVE-2020–9934 POC (github-poc)
- CVE-2020–9934 POC (github-poc)
- CVE-2020–9934 POC (github-poc)
- CVE-2020–9934 POC (github-poc)
- CVE-2020–9934 POC (github-poc)
- CIRCL seen: CVE-2020-9934 (circl-sighting)
- CIRCL seen: CVE-2020-9934 (circl-sighting)
- CIRCL seen: CVE-2020-9934 (circl-sighting)
- CIRCL seen: CVE-2020-9934 (circl-sighting)
- CIRCL seen: CVE-2020-9934 (circl-sighting)
…and 22 more exploits
Timeline
- Jan 19, 1970 VulnCheck XDB Entry
- Jul 20, 2020 CVE Published
- Sep 11, 2020 PoC Published
- Apr 6, 2021 CVE Updated
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Sep 14, 2021 EPSS Score
- Sep 16, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
References
- https://support.apple.com/HT211289 url
- https://support.apple.com/HT211288 url
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-9934 url
- https://nvd.nist.gov/vuln/detail/CVE-2020-9934 advisory
- https://support.apple.com/en-us/HT211289 advisory
- https://support.apple.com/en-us/HT211288 advisory
- https://support.apple.com/en-us/HT211292 advisory
- https://support.apple.com/en-us/HT211291 advisory
- https://support.apple.com/en-us/HT211290 advisory