CVE-2020-11024

Summary

In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight v4.0.1 for iOS and tvOS.

Affected Software

VendorProductVersion RangeStatus
moonlight-streamMoonlight< 4.0.1affected

Weaknesses

  • CWE-300: CWE-300: Channel Accessible by Non-Endpoint

ADP Enrichment

CVE Program Container

Additional References

References