CVE-2020-9934
MEDIUM | Platform: iPadOS | Changelog
CVE Details
Description
An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information.
CVSS 3.1 Score
| Metric | Value |
|---|---|
| Base Score | 5.5 (MEDIUM) |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
References
- Apple Security Advisory
- NVD Entry
- https://support.apple.com/HT211288 (Release Notes, Vendor Advisory)
- https://support.apple.com/HT211289 (Release Notes, Vendor Advisory)
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-9934 (US Government Resource)