CVE-2020-9934
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Apple | iOS | unspecified < iOS 13.6 and iPadOS 13.6 | affected |
| Apple | macOS | unspecified < macOS Catalina 10.15.6 | affected |
Weaknesses
- A local user may be able to view sensitive user information
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: active
- Automatable: no
- Technical Impact: partial
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.