CVE-2020-9992 Information
Feb 14, 2021
cve
Description
This issue was addressed by encrypting communications over the network to devices running iOS 14 iPadOS 14 tvOS 14 and watchOS 7. This issue is fixed in iOS 14.0 and iPadOS 14.0 Xcode 12.0. An attacker in a privileged network position may be able to execute arbitrary code on a paired device during a debug session over the network.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Reference
https://support.apple.com/HT211848 https://support.apple.com/HT211850
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
7.8
Share on: