PT-2020-12499 · Moonlight · Moonlight

Cgutman

Published

2020-04-29

Updated

2021-10-26

CVE-2020-11024

CVSS v3.1

8.2

High

Vector

AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Moonlight iOS/tvOS versions prior to 4.0.1

Description The pairing process in Moonlight is susceptible to a man-in-the-middle attack, allowing an attacker to intercept and manipulate data. This issue has been resolved in version 4.0.1 for iOS and tvOS.

Recommendations For Moonlight iOS/tvOS versions prior to 4.0.1, update to version 4.0.1 to resolve the issue.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-300CWE-200

Related Identifiers

CVE-2020-11024

GHSA-G298-GP8Q-H6J3

Affected Products

Moonlight

PT-2020-12499 · Moonlight · Moonlight

CVE-2020-11024

Weakness Enumeration

Related Identifiers

Affected Products

References · 5