PT-2020-20913 · Apple · Ios+4
Josh Parnham
+1
·
Published
2020-11-12
·
Updated
2023-08-27
·
CVE-2020-9977
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
macOS Big Sur version 11.0.1 and earlier
iOS versions prior to 14.0
iPadOS versions prior to 14.0
Description
A validation issue existed in the entitlement verification, which was addressed with improved validation of the process entitlement. This issue allowed a malicious application to determine a user's open tabs in Safari.
Recommendations
For macOS Big Sur versions prior to 11.0.1, update to version 11.0.1 or later.
For iOS versions prior to 14.0, update to version 14.0 or later.
For iPadOS versions prior to 14.0, update to version 14.0 or later.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apple Macos
Safari
Ios
Ipados
Macos Big Sur