PT-2022-8609 · Apple · Imessage
Zadewg
·
Published
2022-03-23
·
Updated
2022-03-30
·
CVE-2020-20095
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
iMessage (Messages app) versions prior to 12.4
Description
The user interface of the iMessage app does not properly represent URI messages to the user. This results in URI spoofing via specially crafted messages.
Recommendations
For versions prior to 12.4, update to a version newer than 12.4 to resolve the issue. As a temporary workaround, consider avoiding the use of URI messages in the iMessage app until a patch is available.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Imessage